maha18.krushinews18.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://maha18.krushinews18.com/
Submission: On June 22 via api (June 22nd 2023, 9:19:53 am UTC) from IN — Scanned from NL

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is maha18.krushinews18.com.

This is the only time maha18.krushinews18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
75	16

16 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

maha18.krushinews18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

maha18.krushinews18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	krushinews18.com maha18.krushinews18.com	910 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	432 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	67 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	217 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	113 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3092 pixel.wp.com — Cisco Umbrella Rank: 2850	5 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	86 KB
1	gstatic.com www.gstatic.com	14 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	608 B
75	11

	Domain	Requested by
27	maha18.krushinews18.com	maha18.krushinews18.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	maha18.krushinews18.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net maha18.krushinews18.com
3	www.googletagmanager.com	maha18.krushinews18.com www.googletagmanager.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	maha18.krushinews18.com cdnjs.cloudflare.com
1	pixel.wp.com	maha18.krushinews18.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	maha18.krushinews18.com
75	15

This site contains links to these domains. Also see Links.

Domain
chat.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
krushinews18.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://maha18.krushinews18.com/
Frame ID: 0B1CF29BADD2702A84D2D4DA835E2232
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 832B3721D8A5D58AB8828D4433550C0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4216180251218895&output=html&adk=1812271804&adf=3025194257&lmt=1686904782&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=http%3A%2F%2Fmaha18.krushinews18.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1687425585819&bpp=3&bdt=5936&idt=275&shv=r20230620&mjsv=m202306160401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5134090529048&frm=20&pv=2&ga_vid=1447335161.1687425586&ga_sid=1687425586&ga_hid=830240374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C42532280%2C42532278%2C31075431%2C31075468%2C44788441%2C44794790&oid=2&pvsid=2935169083269437&tmod=1516413110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: 1A87FCB7EEAC21E1F1795BB55943B1F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: 866E02EDA6F03440E2E94F65061E0427
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: E6C91387A685E32DFFF70A628A8CAFBD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 492027190A2DBB63CA76D8AEED94E611
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 3DC49BE4AE906008E08474E358B8431E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: D0487219A81F2EE8FEA5FBE6E01FF91D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B04D7E96B42D6A78DFCF921D136958E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F45AD3109D74CFA8D26B72422FD015C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maha Krushinews 18 - Maha Krushinews 18

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

75
Requests

77 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

16
IPs

2
Countries

1868 kB
Transfer

3912 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.whatsapp.com/I1NJcgl3AnzEOnRAClHfsQ
Title: माहितीसाठी ग्रुप जॉईन करा

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
maha18.krushinews18.com/ 75 KB
15 KB 8111ms
8061ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb197de436f143e43bf3f1ac747530c007e5c0053edfd4972299ee38359a5b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7db368fffe5d0a63-AMS
Cache-Control: max-age=7200
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 22 Jun 2023 09:19:39 GMT
Expires: Thu, 22 Jun 2023 11:19:38 GMT
Last-Modified: Fri, 16 Jun 2023 08:39:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJGTxoez1FTtDQdJgI0HzKk8ZNym3taXdPIVLn7Aab8QvHmp34DcgBMK02YQ5HwcDmOmUzLB4Z8tXWCVmmZqIRLBLs3Z93jnf%2BmU4%2Bbu6aX45JPWdZWBdPdLARgWCIyhAdmiw6M7XBd%2F%2Fm1a4uaJJu%2FJsxg0UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
maha18.krushinews18.com/wp-includes/css/dist/block-library/ 95 KB
19 KB 4099ms
4074ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-nginx-cache: WordPress
Last-Modified: Fri, 10 Mar 2023 00:22:38 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WADSCnqmEPtkDSipOLNgHjkqcIFRkpqo6tbfKPo7gm8Ie9yMF3wSvzFLZjIiFlGU7VOYjMf%2BmCGzhfkhMY7D%2BgyVl2PhSEv%2B0sKy0mAcFy6GIEQi12bhl1qvlwZIixKgTFvMFKszW2TWYyY5ovjNI5Evk3AnGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
CF-RAY: 7db369328da541c2-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H/1.1 200
OK view.css
maha18.krushinews18.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 2 KB
2 KB 3413ms
3387ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=317afd605f368082816f
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 772
X-nginx-cache: WordPress
Last-Modified: Tue, 30 May 2023 14:04:52 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fxAqZXiaHj04qq5YiwnR01I5MGcUTh5wElXAPYfeLYeaJVJzNkaFgFaN7BsR63%2Bo%2BHY83If29ozwhM8ZmnO6rlLDiLhLlneGZQ4%2FqGAaBM674MfNF90t2EolxzQ%2BDsAura5EdD0iEHLfDk7PJtb19dzGfmNBw%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369328df906ca-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
maha18.krushinews18.com/wp-includes/js/mediaelement/ 11 KB
4 KB 1476ms
1451ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3239
X-nginx-cache: WordPress
Last-Modified: Tue, 29 Sep 2020 15:53:06 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xa6a79%2FB9xMl4YkX4ordL8H4UHJxVXEXoyKJb0kPhPVergc9PKCpPs%2BUBtY6lshkFkmQer804SV4uElDqiYEnJw2emIrgwoPkNZvESSPvNGaMF9Hutg3H93xtlXGEj5dCDbFod5TxU81P635%2B3fwOFFiW1p%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369328e95b758-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H/1.1 200
OK wp-mediaelement.min.css
maha18.krushinews18.com/wp-includes/js/mediaelement/ 4 KB
2 KB 1256ms
1230ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1298
X-nginx-cache: WordPress
Last-Modified: Fri, 07 Jun 2019 20:45:02 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj5qTt%2BU0iRpfA7ZkuB7ZsltX1rh86Wt8yg6gHFqsu5ZlFHA8xQ1HV25BHNRj%2FZP28ybIs4MLCWc8R94BqVVDqi40CwZOJy3pa1Qpjsv%2Bah4x6M%2BSJNhjAQzjJhMXR5GMPE4vIZ2w9pIt4wbOAyJoWlVpPPFwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369328e4b0e35-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H/1.1 200
OK classic-themes.min.css
maha18.krushinews18.com/wp-includes/css/ 291 B
1 KB 2865ms
2839ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 210
X-nginx-cache: WordPress
Last-Modified: Mon, 13 Feb 2023 20:50:20 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvazVbgGHl5AHmJY8mpOlGe0UIMyv3W2GOQcxd0U7pF1ALUojgx3Y4MU3%2FFsGhr9P7UYEafN7dUACDX%2BasCcjjrLRpQgEEgqWDL0Etjj%2F83KAuKYZT8C1%2BGEW6EfPg5Up2nDIE53j1eZN7NJ3LL0DNPQG2ADRw%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369328b35b95c-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H/1.1 200
OK frontend.css
maha18.krushinews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/ 8 KB
2 KB 3484ms
3322ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.css?v=b1d71238024fc4efb8359ec8404be1a0&ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35bd4d4ff31cfcfd010823b77b34c554723a63dbb6c1223457e2717c2eade505

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1156
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:18:04 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApS9I7SB6Qn6rK%2BdcvDwvqi9T5vfsngYjQer0h0PZKGXMkSaPQjCx2F%2FrFrU3nbdMuWcW6UlIeiWQ7b9uWVUv%2BVM8Td3KVlW3pMRSkHk0qW7l5bw%2BF4nDT4FBbpAqYXaa%2BhJjacc59F2XpNzArvRxN97GDMvXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369336e170a63-AMS
Expires: Fri, 23 Jun 2023 09:19:40 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 94ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.2.2

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://maha18.krushinews18.com/
Origin: http://maha18.krushinews18.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2451462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBBJlCRmYboDIcHmEdaALTJGoJcS1p%2FjvL65a0cowHINDbMgQjoNpfWOqIISKl5ghYvjcH36eqd4fAasyRLEDpyKwI8REV2vm61cpMr%2FggeiH5JIs%2B2nIaLI5Aa3KSrfcWhVMSjl9FPE%2BgwktUcbMcbS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7db36932bd93b704-AMS
expires: Tue, 11 Jun 2024 09:19:39 GMT

GET
H/1.1 200
OK widget-areas.min.css
maha18.krushinews18.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
2 KB 4066ms
2810ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.0
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 834
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:29:56 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydp0YP0byBlz1gIFpn9zCAl7Ui1lJoPCA92ej0Zi66KjaLQFtuANIFiSdWAuklW%2BZ4LFWFuL1%2BajsFSXuTtrljf71xEU6z6ba32AcKYHqY71dEI8PKNBlXVaGBO4j3ll1xt2MvaDONDh12trGuMNkrgr6ve5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db3693a38710e35-AMS
Expires: Fri, 23 Jun 2023 09:19:41 GMT

GET
H/1.1 200
OK main.min.css
maha18.krushinews18.com/wp-content/themes/generatepress/assets/css/ 19 KB
7 KB 1935ms
459ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6114
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:29:56 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVMCT83lSInDd3ixLySJdeaVcvGGff4MoZtgLEIkUXMtXqTXut1%2BcBLcsNe9JfnGiDxCRopyyZWC1I2pH6QTx8zeBrUBlmA%2B7hk9MQQFdKOGk9qCY127X3ou8cJKmHRu3YmT81zAaMI1qQQtN9UzXCiVzbqfMA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db3693b9fffb758-AMS
Expires: Fri, 23 Jun 2023 09:19:41 GMT

GET
H/1.1 200
OK public.css
maha18.krushinews18.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
1 KB 3849ms
1913ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 486
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:37:07 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7BP%2FtDySbLUylHuHGUyXDqaABcw5JxLZK12YeTt%2FrnpdUqVJ1wF8FcJU5dIEwh5Xrjbno7rq9q66al9%2FgETU8dS45v5RWHrLPTF%2Bc%2Bn7Lk5mk%2Fr46X9hMBl%2FZ4JbQmFZ8rnTKcU3%2B6zmyWlSeGGw62tJTVenA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db3693e7aedb758-AMS
Expires: Fri, 23 Jun 2023 09:19:42 GMT

GET
H/1.1 200
OK featured-images.min.css
maha18.krushinews18.com/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
1 KB 4970ms
2105ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.0.3
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 549
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:16:20 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEhKA2qMPli%2FBfbm2RJ1fTKRIs1xUsQcZ4%2FmGVuLs3c3CmFkO0w57uEDGz%2BcxB4l5On093dYfcS9XhL1OdZ8OwU2Ga8sReLZ%2BVgcTD3fsMoGrNWiOyPav5fKekUeGtw2lyzXFHSfoLJLnGkCOoV7lPOb%2F%2BjIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369444a93b95c-AMS
Expires: Fri, 23 Jun 2023 09:19:43 GMT

GET
H/1.1 200
OK jetpack.css
maha18.krushinews18.com/wp-content/plugins/jetpack/css/ 97 KB
27 KB 5700ms
2288ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.1.1
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05db96d56969f90368d364da6c464ad073255964267594cb7e2b65b90d385da0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-nginx-cache: WordPress
Last-Modified: Tue, 30 May 2023 14:04:51 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6UsWR4i%2BHFRlPW8PvtLFiy4PRXxHs0QNK8ar4ioJeKkQOKlP4A778TMdO5wl%2F%2BOe%2BBYCx%2BvpcSc2lYPGJzlW%2FTXuk2%2FVRr%2BZxQlbWKyxW5oHJ7nONgBjte2c7lZFktWMyfN5fy28pnEyLtkPxNt4JQmED0TkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
CF-RAY: 7db36947bde806ca-AMS
Expires: Fri, 23 Jun 2023 09:19:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 124ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-267326896-1

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29234b15f0a9b5c6195bd1c20949fecb305f252510b29fe07730800a454a429b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64729
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 157ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4216180251218895&host=ca-host-pub-2644536267352236

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff4e4543cabde441675612c483d48a55bcb1be650377b07b46dfb3026ce41bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Origin: http://maha18.krushinews18.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47881
x-xss-protection: 0
server: cafe
etag: 9976786566390182438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H2 200 cropped-Krushinews-18-%E0%A4%AE%E0%A4%B9%E0%A4%BE-Logo.png
maha18.krushinews18.com/wp-content/uploads/2023/05/ 15 KB
15 KB 1968ms
1907ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/cropped-Krushinews-18-%E0%A4%AE%E0%A4%B9%E0%A4%BE-Logo.png
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a4984af7948dad2654079102d2f2cb4406ce03ca5d819a2a83c8e47e7fa3e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14968
x-nginx-cache: WordPress
last-modified: Sat, 06 May 2023 02:34:04 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byzV8EYmwAwxRvzht593lOxBLvJv%2F7nWsGr43BGHk0Oqm2lfJeIfRkUG8Kq0Wd4PKzQ0kKXv2b%2B7y53EZRqKfyHGQOM4WtEXQFhRXZGgscfJ4g8S5OB8rh138jjI%2B5xEk8bxgmzZBxcJUMDELk03fVh8Cb2aTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369567d3f0b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
46 KB 203ms
128ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4216180251218895

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b99921fe4e77ad0817961a884a13f6b7b153753938b76321d028b000bde0990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Origin: http://maha18.krushinews18.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47103
x-xss-protection: 0
server: cafe
etag: 3562829212492789224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H2 200 Pm-Kisan-Yojana-1.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 125 KB
126 KB 1605ms
1543ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Pm-Kisan-Yojana-1.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db361916c1caea3fb2d6822e3c0be601ddae2202060acf5da4479bbf193e344

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 128176
x-nginx-cache: WordPress
last-modified: Sat, 06 May 2023 07:59:39 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNkY1xAo%2FJide2XIm2DjqMlXunN23fOCezM8Cfn7zRfoEwWWVk3tg3KZSRPbbAYttJsAeCGa7oNISwOgGgPXCOIDo6NiejLbxk%2F5cf%2BMZvD63GEz7CQ1%2FNTG8p5%2BCT%2BF83w5o6zRF%2FgeTf65eUtj%2BBnJ4dSUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369567d420b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
maha18.krushinews18.com/wp-includes/js/ 18 KB
6 KB 880ms
879ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5344
X-nginx-cache: WordPress
Last-Modified: Thu, 02 Feb 2023 00:53:26 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reTn2130iCc3iK9w%2FzlIQLiUcN%2B4sWBU3vgiHGth7guTDsBGgDeOvrtshbq0VBGh64RIsinF1%2FskUf9RYSdO6jwMaW80c4Smj8whdkAQZJMpvIZUkD9%2FCcLg71znPoij8F8qZbG3OXEu4XfurBj0Pu4MiZCh8w%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db3695618ed0e35-AMS
Expires: Fri, 23 Jun 2023 09:19:45 GMT

GET
H/1.1 200
OK frontend.min.js Show response
maha18.krushinews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/ 301 KB
117 KB 2304ms
2304ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/frontend.min.js?v=b1d71238024fc4efb8359ec8404be1a0&ver=6.2.2
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d736da79e0204e13207e657b28702287b0d2b0b2ed249bacee97d4c396fb52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:18:04 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=088vKxmkpmgrJc956ZYQEOHVDbxy0cG%2F%2BZJcK1%2BRsnYh21RVK0ptExHrKDdgTrXTLuJMArfT5pVIUgItjio05xW8mxbiqpZhDbW%2FWBqkYyIz5%2FLlNdDZpshVPdfpxs6JhTbZpk8p7KYkDqvtxOBKb%2Fx3G9qa1w%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
CF-RAY: 7db369517b18b95c-AMS
Expires: Fri, 23 Jun 2023 09:19:45 GMT

GET
H/1.1 200
OK menu.min.js Show response
maha18.krushinews18.com/wp-content/themes/generatepress/assets/js/ 7 KB
3 KB 1339ms
1339ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 2197
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:29:56 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wef8mbr4nwkbTqw1BSY7AabKoE%2B5fHHnEQo%2FmV2QA%2Bzg5LacXi%2BtCEJIIum1ni9wrx5wuZ%2F1t8vqfVTENBcIcFmOgDyG8wkGds2GLB92k9zXUpN90TTow1szH9Y3pfQokHE5ATdmmj3J5tPmOi8xe0MEOnTsGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369560b2406ca-AMS
Expires: Fri, 23 Jun 2023 09:19:45 GMT

GET
H/1.1 200
OK back-to-top.min.js Show response
maha18.krushinews18.com/wp-content/themes/generatepress/assets/js/ 757 B
1 KB 545ms
544ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://maha18.krushinews18.com/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.3.0
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 09:19:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 393
X-nginx-cache: WordPress
Last-Modified: Sat, 06 May 2023 02:29:56 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrxAfK1FeIB0WUv9Xik7Idg7GRsfcYniCoKLNbLOYozI8kVGWu03JBe1z6jMMhjhiQde8JQtohYj1KiCwv2JFMnEe%2BvExGqxB7o%2BQcGG2XBG4HExlDx2rBdeuKGYUgtjZmgeweeCZjiedefHMbc%2BQgzEBmKEyA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 7db369561e4541c2-AMS
Expires: Fri, 23 Jun 2023 09:19:45 GMT

GET
H2 200 e-202324.js Show response
stats.wp.com/ 13 KB
4 KB 86ms
26ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202324.js
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
last-modified: Fri, 19 May 2023 02:56:42 GMT
server: nginx
etag: W/"6466e56a-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 10 Jun 2024 04:21:29 GMT

GET
H2 200 Petrol-Diesel-Lpg-Gas-Rate-min.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 209 KB
209 KB 2122ms
2090ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Petrol-Diesel-Lpg-Gas-Rate-min.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784de9d1f99370aef1b22b5d8bcccb33e94a02d170e9726267acc3895615fa55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 213823
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 07:40:44 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4IIxflEXMDWatdxEqjfge36ZKmKmrLRATpYobnMUAQ8cPsTyAoYk%2Bf6VemEIppwVf7NZeasCLQhf%2ByATpUfrWmwDCk34w6%2FLQ2uYJ8aJB%2B5mOhMuLAyIpqgOO2RhJ0lUMrxgsc7x0HjQxPD2veFCP00dIZxTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369567d440b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Indian-Air-Force-Recruitment.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 160 KB
160 KB 1603ms
1571ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Indian-Air-Force-Recruitment.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccef8817515fb358400bc6731cd49d9d3a32ffe8b7f1268fea3bd6ab399b104f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 163619
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 02:15:51 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUSxzXPl3VTTOpY7i91OPvOioQhITxyoRa2m9AiAuMd7ISDHWN%2Bbf7fPP9EEOo9w9QN7%2BYGO%2BX0kDP%2F9gPbePnEhOJr5cieFzP%2Ba0trdOxryP68EdjozyujX7kHqJeQuvYoBInRPOzuxMBXqEcuh4NGSMtpR7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369567d450b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 PCMC-Recruitment.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 114 KB
114 KB 2135ms
2104ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/PCMC-Recruitment.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a35988577c42254bcaa7f588dc16bfb4126f4ce8ca8233ccf57572bbcaab56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 116410
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 02:14:06 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCaJIr2u%2FCqu7eUzGaCi8f9RGDrgSn10G2cwNqBl56KvsVGQEqsRBU9mJAZJ%2FI1Cxm6nKIMi0yqEYqBv8wL8i9uYa24hQkdnT7gJoVf3AgcU%2BTudqvNQrqsxFxq5zVsH96pnucw%2BtrSufg8cuzbpYO4Dq%2FEDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369567d460b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Land-Map-Calculator.webp
maha18.krushinews18.com/wp-content/uploads/2023/05/ 27 KB
27 KB 1245ms
1245ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Land-Map-Calculator.webp
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32733b1b18c6139ec3de5da93028be1696e9cfd02015f2565bbb0884e08636c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 27138
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 01:31:39 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXfq%2FUQYokYUVbIxknxlgjTp4gt%2BMTcf5Ek9MjiiGRo4H8x2j%2BXN5URuhj3dz8Z1N%2BzkkII7O0D7q%2BEA19fnmdfse%2Fum8soXOnfZ010reGmUw%2FszM%2BjzBCw%2Fxy9MDUUOeubeA%2FQn0mv2SzLMQNxPOyOtkyAf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db369569d780b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Pm-Kisan-Yojana-1-150x150.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 11 KB
11 KB 1150ms
1150ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Pm-Kisan-Yojana-1-150x150.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 455f948ed5935660aa90c3d90c8ae00ef26801746572c28b69b79884d2878a66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11309
x-nginx-cache: WordPress
last-modified: Sat, 06 May 2023 07:59:39 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSxKjvU%2BvdHK4sfnqeyeUydJ2YrLHGe3PJrldm1ELCHkYeyH0Vb0XdsrEabHwE9KN6DRxtVK31eOilG%2FUfTWRT4H9DIycmt2pwGcmV0UJWr%2Fwcni5G75r%2FXjP99pqmBY44sN74vDLIwZ53jHiQUOAj%2Bg48ueOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db36956ad7b0b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Petrol-Diesel-Lpg-Gas-Rate-min-150x150.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 9 KB
9 KB 781ms
781ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Petrol-Diesel-Lpg-Gas-Rate-min-150x150.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040f3b085d90a31196e1735900340c9e80e1ccbadbad90ce254664f2e2d84bf4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9114
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 07:40:45 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BVhoPxhfHwucgz6ejJKyqPsb5zPhtkE7QqkqJIh3B1Rro1ampWl45LqHdb4r4Hh8vmGB19Ldp4F2p6QfmLOSTHuLblngzZv51ENef4aWeyhqYP00lXFTUrPzs6%2B%2BS%2F%2B2KLcPnZLiqvr3EfjH1MLfyFffh5%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db36956ad7c0b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Indian-Air-Force-Recruitment-150x150.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 10 KB
10 KB 1131ms
1131ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Indian-Air-Force-Recruitment-150x150.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48834f39635c679e8a324bec17381d621fd58ff52903c376ff196cb29e798fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10352
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 02:15:51 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0CF7snpFbONgMuV2SGLnLioX5Fcnsd6j1YYSke4WcerBriBOA4kKluxOW0ZXNvsC8DZMjH9Dd7VKi5WsF6mx6auPaOjbPXhkdl1dVG7YuRp4TnJrlRzZfuWwKMOoQlSHJH9gX8Hi1BozGlDDmXMV0IOI4K8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db36956ad7f0b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 PCMC-Recruitment-150x150.jpg
maha18.krushinews18.com/wp-content/uploads/2023/05/ 12 KB
12 KB 1074ms
1074ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/PCMC-Recruitment-150x150.jpg
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26cf917664e57518348ecfcfd59ba15d8dd1280b10925bc9cc2b42ad77b9a23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12431
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 02:14:06 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgeaq1TuV3n8Y9hOvPzMn5gtUXziIPzg7QEZsYKAfWAtMu2F1pa5thaQBxUrntxrXYEcoOgK4awi6sQLFeMu1Il2KocbmYzx0jrvoQjqcl3UPBcmCRa3ezx5TWAduDT%2Fx0KairaLKrMifchgRxCZcUf6HN6OtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db36956ad800b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 Land-Map-Calculator-150x150.webp
maha18.krushinews18.com/wp-content/uploads/2023/05/ 6 KB
6 KB 2050ms
2049ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maha18.krushinews18.com/wp-content/uploads/2023/05/Land-Map-Calculator-150x150.webp
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f537195fd6d5e28258d9e655734eade065a8f45f9bd60985c49ec6af3f5e168

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5684
x-nginx-cache: WordPress
last-modified: Tue, 23 May 2023 01:31:39 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJwoZE9phviVVjhI7h11pOybLJolrDLb6E3x1Vbqk1%2Fb315AR5qZAsyDtltqgMcwL%2FTa5RztBTz19RvFM10%2BpfA9UYb3Zhg7niIeO0WNpY00L9Pqh0uLGAI7%2FhvEunbpXKLe1JoSZ7vRgT2ZpApRjyj2qyDPeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7db36956ad810b7b-AMS
expires: Fri, 23 Jun 2023 09:19:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5GP019QVQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-267326896-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f137dd23f04f45e314efb957d25483b19520bfb3f7054fd837a7163a7abc175f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 202ms
60ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-267326896-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Jun 2023 09:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 904
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Jun 2023 11:04:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 69ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QG5ZN648T3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-267326896-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54b2a8620f9e3b494c7213553ec29d469d931b0603ab5929e253850cbeb73def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160401/ 355 KB
119 KB 176ms
100ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4216180251218895&plah=maha18.krushinews18.com&bust=31075468

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4216180251218895&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bad1ef79dfa76444509a9ed1776b132091ec5e83d552e9a5112eeaa14cdca4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121489
x-xss-protection: 0
server: cafe
etag: 12384528172462131358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 832B 10 KB
5 KB 111ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4216180251218895&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 36481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:11:44 GMT
etag: 15057649708203361565
expires: Wed, 05 Jul 2023 23:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 87ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5GP019QVQ&gtm=45je36e2&_p=830240374&cid=1447335161.1687425586&ul=en-us&sr=1600x1200&ngs=1&_s=1&sid=1687425585&sct=1&seg=0&dl=http%3A%2F%2Fmaha18.krushinews18.com%2F&dt=Maha%20Krushinews%2018%20-%20Maha%20Krushinews%2018&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5GP019QVQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 09:19:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://maha18.krushinews18.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 64ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QG5ZN648T3&gtm=45je36e2&_p=830240374&gdid=dZTNiMT&cid=1447335161.1687425586&ul=en-us&sr=1600x1200&ngs=1&_s=1&sid=1687425585&sct=1&seg=0&dl=http%3A%2F%2Fmaha18.krushinews18.com%2F&dt=Maha%20Krushinews%2018%20-%20Maha%20Krushinews%2018&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QG5ZN648T3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 09:19:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://maha18.krushinews18.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 40ms
40ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=830240374&t=pageview&_s=1&dl=http%3A%2F%2Fmaha18.krushinews18.com%2F&ul=en-us&de=UTF-8&dt=Maha%20Krushinews%2018%20-%20Maha%20Krushinews%2018&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1627608789&gjid=9023486&cid=1447335161.1687425586&tid=UA-267326896-1&_gid=300101525.1687425586&_r=1&gtm=457e36e2&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1858509195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://maha18.krushinews18.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 09:19:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://maha18.krushinews18.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
608 B 191ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=maha18.krushinews18.com&callback=_gfp_s_&client=ca-pub-4216180251218895

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4216180251218895&plah=maha18.krushinews18.com&bust=31075468

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d53b487ce027cc4f2b2344bad010d43a05408de8d829e4180ab624782a1fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 123ms
43ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=maha18.krushinews18.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A87 241 KB
53 KB 535ms
534ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4216180251218895&output=html&adk=1812271804&adf=3025194257&lmt=1686904782&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=http%3A%2F%2Fmaha18.krushinews18.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1687425585819&bpp=3&bdt=5936&idt=275&shv=r20230620&mjsv=m202306160401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5134090529048&frm=20&pv=2&ga_vid=1447335161.1687425586&ga_sid=1687425586&ga_hid=830240374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C42532280%2C42532278%2C31075431%2C31075468%2C44788441%2C44794790&oid=2&pvsid=2935169083269437&tmod=1516413110&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=295

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cdb058b73f630297a90240103e4c1ab756c9b19a2c4e6bc5d8ba1bf367930b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 09:19:46 GMT
expires: Thu, 22 Jun 2023 09:19:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160401/ 154 KB
52 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160401/reactive_library_fy2021.js?bust=31075468

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e342636f14d0c460e9e788edea3d1b6087e7f3a396c637af3b58a47ddf7677eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53546
x-xss-protection: 0
server: cafe
etag: 1717925219989834127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 41ms
41ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=maha18.krushinews18.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame 866E 10 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 34847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:38:59 GMT
etag: 15057649708203361565
expires: Wed, 05 Jul 2023 23:38:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame E6C9 10 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 34847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:38:59 GMT
etag: 15057649708203361565
expires: Wed, 05 Jul 2023 23:38:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 866E 2 KB
945 B 142ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 866E 22 KB
9 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 866E 3 KB
1 KB 169ms
68ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 866E 19 KB
8 KB 133ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 866E 179 KB
56 KB 140ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:47 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 866E 33 KB
14 KB 209ms
62ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame E6C9 22 KB
9 KB 145ms
69ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4920 143 B
166 B 33ms
32ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 08:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E6C9 3 KB
1 KB 140ms
67ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E6C9 19 KB
8 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 9116762256196458125
tpc.googlesyndication.com/simgad/ Frame E6C9 51 KB
51 KB 147ms
74ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9116762256196458125?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPZhJJ6XxfP0AxZfLqfwTQ7Mxfrw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b131fbd13859f7b786825c4aaab019fa772f2379e5dc038c2aa31074832d4ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 08:38:14 GMT
x-content-type-options: nosniff
age: 175293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51934
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:50:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jun 2024 08:38:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6C9 179 KB
56 KB 167ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 09:19:47 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame E6C9 32 KB
13 KB 179ms
106ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fabde8d15da3f0ac972cf7e369d5057dcc2e14a2f46eef8d72fcb5f61a7b9ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13405
x-xss-protection: 0
server: cafe
etag: 10115250828022236732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:21:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4920
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 09:19:47 GMT
expires: Thu, 22 Jun 2023 09:19:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 09:19:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DC4 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

GET
DATA 200
OK truncated
/ Frame E6C9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 630176883a70d1071669a8dcc67c55694bca90972f7a2496b73adc81944faaa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame D048 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6C9 0
23 B 76ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkSKUMhKUZM_ICYe69u8PwoqasA-gkv2GZoKSxv63D6bO5q2JAhABINHvp0xgkYSghYwYoAGu_52ZKMgBAqkC1nVqsHJusj6oAwHIA8kEqgTyAU_Qd7iCekUoZJRYRJYebYqqicRVT-Ef23uHSNr_Zn0ylZsbRj2OVUocaTASQ7nC7u2O0fFweHJu79VBm05nDxrNvq94YTo7tQMdz8lz-Jumi9YbC5PGf30b_W3yy4uzQ_a_Bc5b9VkRcx63Xndt5ME-qTHDUdLu1VxuxLdxzroR8TNdq6KtDbWSpK5EMCg3WEYqlizymFZtSlm6tQUujaWOxnJ-EcIl01CVKfoAwDJW6oQCUgeyk1rdSon7L_YeQHKzQZxGLHGBVioVUTWL5OorfQi8ecc58waH4ceFt6k2ltHwTKq8rg6di1KijDEZJ7X9wATDnbb14AOSBQQIBBgBkgUECAUYBKAGAoAHrrfu-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_rHPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQyMTYxODAyNTEyMTg4OTUYAA&sigh=jKsWrA4fhoc&uach_m=[UACH]&cid=CAQSGwBygQiDdzU_BBwzA01SutEs04lYdVsEmhp9qRgB&vis=1

Requested by

Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Jun 2023 09:19:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Jun 2023 09:19:47 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
75 KB 34ms
33ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.2.2
Origin: http://maha18.krushinews18.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:47 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4206445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8r7eU1VhkRj3cEw%2BGhcMi3zWyUulD%2BSRtHCO6wzPT9S4epRqBkfSBaZeVzAlC819q%2BWZp34duXXzVa3U%2F3NTW8c7Q20aTB7M4XByp4TUWl391B7G5uFsGgHM2CvTMOTZ3%2FohFsWav0Homun0oDLAWD8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7db3696379c1b704-AMS
expires: Tue, 11 Jun 2024 09:19:47 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 55ms
25ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&blog=218690735&post=0&tz=5.5&srv=maha18.krushinews18.com&j=1%3A12.1.1&host=maha18.krushinews18.com&ref=&fcp=13872&rand=0.20186589149671041
Requested by: Host: maha18.krushinews18.com
URL: http://maha18.krushinews18.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Jun 2023 09:19:47 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
90ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e050289c4f3bc224d875517317aa5dbb3ea6927bd55308d8381dd02dc0b5f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 09:19:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E6C9 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1hgpyUPYiJXhOUMbIMjXHBeKMVsmnKqf19YZS3FmRmLXGRmXkLfRGeAyhI5brAGz9Afc2GBrAWtXAJPKdi0dBxaZXS9u7Ok4uZwcZkLvaZeBs_S3NpxH0w1b3sjzgsXcAVBF8IdntTjD6&sai=AMfl-YSSAfZfjlrAzbvvvJHFr4k2M-aDdr5AJy2Raokeoow7JTJqy0Hr4mt6Lcr1pPyb94EprQTK29m9Y2ON&sig=Cg0ArKJSzPfPqIBzDeXBEAE&cid=CAQSGwBygQiDdzU_BBwzA01SutEs04lYdVsEmhp9qRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1687425586852&rpt=309&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 09:19:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B04 13 KB
5 KB 33ms
33ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 73301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 12:58:07 GMT
expires: Thu, 20 Jun 2024 12:58:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F45 783 B
970 B 43ms
42ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9ef1b5dcda56e8c7880c6e79357d1374f5aa775588bc0ce43a310f75b840da0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WepZDPvDbncV1LMJkAPNBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://maha18.krushinews18.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WepZDPvDbncV1LMJkAPNBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 09:19:48 GMT
expires: Thu, 22 Jun 2023 09:19:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B04 37 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F45 0
0 67ms
66ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=2935169083269437&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9B04 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HH1gbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 09:19:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=2935169083269437&bg=!NzSlNGDNAAYQ3eRoMN07ADkAdvg8WkmREQNbYC4C9V0F0EOC9twZQFWgmiDd6wafHnEc1ZfQw_R4Ze6YgYOXRTWgx537dfP5080CAAAAXlIAAAADaAEHmQKpFgD581-zkkiyIoNF9msa9WyZUFDTORm2njchBdO-xE1bAwS4flrsrBoEbaZudG_zNnwMDThlLZOuiyEMz3OcgsNVTUEjoUWondYsElwV_q6UGuDlIlf4eZ7CKIv1cli53jAAiRU1zEfCnqyA0BSm2GRba_L3zdsMiyJUCg9mRHkTj1_fCYpa0binPnupFTL0funLdDAMgEvKT1SeNK5I6YgSpvZXxAJNRoVlnAxJOJ7im0X1FD92CJTSCEUaslpLEHRbqsWAeNSf83bc1cO6449yIbMFBvfUZLzGhtTWH7So5D8rQVDUTBheZtB_ci-uF-DXFdUtmc7v7_skVTjKDuGbJwyS39AqlJimMzB3jOWZLGMPMxNeuE16ajHBx7fafoedyxmtMjHGDM4h4F_6srp4HRSySb6fWVeP74IC8vlFQz8zHKjjfOnkpfWVvBUUG10lyNyh0WSayIPyJ1FEInwwXmnHjQSjRXg3PLRMRnPaTp84g5OnH_5Znb8hnlC_nmqoryHQx1i80go74t3KrSigncz8VYY8cmFxzsIIiLEMq5hzZbok19xM60ezKCyprfT3WnFJvZR5haThY3RQJI4ZVh0lPK4FUimwO5ZYoqUZRs2Z6ogC8E24Zy5sqpXsF7r39afRLWFCOF7iAYk1sXYdyrvJk8vgLu42m58b082mvwgIc9cfxAQQp5j4vSiucnkKeiD3A_Qry2BH9ZEZdV-Lg9NNlcL01F6MFfuBMXNrDkY-t8UkBGDcaP5rdzXeUZfnjdtqX4F6fOtokfP0mUex_506noIHy1u_Qaw1mdVKfecliqNstMXaBYJGv2o81Zb772F-bbu7SDYiXsAMwrrFu7EjpdOgEq0AzJH8OM2XyNkRPgE4UEyT9tcL-k5eArVLuD8eA_Bv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://maha18.krushinews18.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krushinews18.com/	1970-01-20 22:19:45	Name: _ga_N5GP019QVQ Value: GS1.1.1687425585.1.0.1687425585.0.0.0
.krushinews18.com/	1970-01-20 22:19:45	Name: _ga_QG5ZN648T3 Value: GS1.1.1687425585.1.0.1687425585.0.0.0
.krushinews18.com/	1970-01-20 22:19:45	Name: _ga Value: GA1.2.1447335161.1687425586
.krushinews18.com/	1970-01-20 12:45:11	Name: _gid Value: GA1.2.300101525.1687425586
.krushinews18.com/	1970-01-20 12:43:45	Name: _gat_gtag_UA_267326896_1 Value: 1
.krushinews18.com/	1970-01-20 22:05:21	Name: __gads Value: ID=789335a4f19c7240-2209887bcbe10034:T=1687425586:RT=1687425586:S=ALNI_Mb2jS1MQ2KJ4jtFxzh1Yv8iQ51gMg
.krushinews18.com/	1970-01-20 22:05:21	Name: __gpi Value: UID=00000c5f00896c8a:T=1687425586:RT=1687425586:S=ALNI_MZUtR_MzTZWVuT8b9OdnolS3Q0Oeg
.doubleclick.net/	1970-01-20 12:43:49	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:05:21	Name: IDE Value: AHWqTUnqkZ8M17dqD3x2bJgIJqT_uXsnSlawpw9Q5fuDW64mNhOp7L9qb4t8DLmyz0I

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
maha18.krushinews18.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
region1.google-analytics.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
192.0.76.3
2001:4860:4802:34::36
2606:4700::6811:180e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a06:98c1:3120::3
2a06:98c1:3121::3
00a4984af7948dad2654079102d2f2cb4406ce03ca5d819a2a83c8e47e7fa3e5
040f3b085d90a31196e1735900340c9e80e1ccbadbad90ce254664f2e2d84bf4
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
05db96d56969f90368d364da6c464ad073255964267594cb7e2b65b90d385da0
0e050289c4f3bc224d875517317aa5dbb3ea6927bd55308d8381dd02dc0b5f92
0eb197de436f143e43bf3f1ac747530c007e5c0053edfd4972299ee38359a5b0
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
15a35988577c42254bcaa7f588dc16bfb4126f4ce8ca8233ccf57572bbcaab56
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67
1f537195fd6d5e28258d9e655734eade065a8f45f9bd60985c49ec6af3f5e168
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
29234b15f0a9b5c6195bd1c20949fecb305f252510b29fe07730800a454a429b
2bad1ef79dfa76444509a9ed1776b132091ec5e83d552e9a5112eeaa14cdca4b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
30d53b487ce027cc4f2b2344bad010d43a05408de8d829e4180ab624782a1fa8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32733b1b18c6139ec3de5da93028be1696e9cfd02015f2565bbb0884e08636c5
35bd4d4ff31cfcfd010823b77b34c554723a63dbb6c1223457e2717c2eade505
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
455f948ed5935660aa90c3d90c8ae00ef26801746572c28b69b79884d2878a66
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
48834f39635c679e8a324bec17381d621fd58ff52903c376ff196cb29e798fa7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
54b2a8620f9e3b494c7213553ec29d469d931b0603ab5929e253850cbeb73def
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630176883a70d1071669a8dcc67c55694bca90972f7a2496b73adc81944faaa9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
784de9d1f99370aef1b22b5d8bcccb33e94a02d170e9726267acc3895615fa55
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7cdb058b73f630297a90240103e4c1ab756c9b19a2c4e6bc5d8ba1bf367930b7
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
7ff4e4543cabde441675612c483d48a55bcb1be650377b07b46dfb3026ce41bf
808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
92d736da79e0204e13207e657b28702287b0d2b0b2ed249bacee97d4c396fb52
95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b99921fe4e77ad0817961a884a13f6b7b153753938b76321d028b000bde0990
9db361916c1caea3fb2d6822e3c0be601ddae2202060acf5da4479bbf193e344
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b131fbd13859f7b786825c4aaab019fa772f2379e5dc038c2aa31074832d4ce2
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ccef8817515fb358400bc6731cd49d9d3a32ffe8b7f1268fea3bd6ab399b104f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e342636f14d0c460e9e788edea3d1b6087e7f3a396c637af3b58a47ddf7677eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f137dd23f04f45e314efb957d25483b19520bfb3f7054fd837a7163a7abc175f
f26cf917664e57518348ecfcfd59ba15d8dd1280b10925bc9cc2b42ad77b9a23
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f9ef1b5dcda56e8c7880c6e79357d1374f5aa775588bc0ce43a310f75b840da0
fabde8d15da3f0ac972cf7e369d5057dcc2e14a2f46eef8d72fcb5f61a7b9ee3

maha18.krushinews18.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

77 %HTTPS

93 %IPv6

11 Domains

15 Subdomains

16 IPs

2 Countries

1868 kBTransfer

3912 kBSize

9 Cookies

1 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

maha18.krushinews18.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

77 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

16
IPs

2
Countries

1868 kB
Transfer

3912 kB
Size

9
Cookies

75 HTTP transactions
1 data transactions