globalnews18.in Open in urlscan Pro
134.119.218.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://globalnews18.in/
Submission: On November 28 via automatic, source phishtank (November 28th 2022, 12:29:20 pm UTC) — Scanned from DE

Summary HTTP 133 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 22 domains to perform 133 HTTP transactions. The main IP is 134.119.218.58, located in Ascension Island and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is globalnews18.in.

This is the only time globalnews18.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	134.119.218.58 134.119.218.58	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3 15	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
4 4	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
133	23

15 134.119.218.58 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: eu02.mafiaserver.com

globalnews18.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.76.200.221 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	529 KB
30	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356	147 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 332	209 KB
15	globalnews18.in globalnews18.in	872 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	1 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562	5 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2489	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	4 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 871	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	142 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84 region1.google-analytics.com — Cisco Umbrella Rank: 1166	20 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3046 onesignal.com — Cisco Umbrella Rank: 1008	73 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 411	924 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1980	415 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 956	796 B
2	gstatic.com fonts.gstatic.com	32 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	108 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 787	98 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1265	356 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	701 B
133	22

	Domain	Requested by
21	s0.2mdn.net	globalnews18.in s0.2mdn.net googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	globalnews18.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
15	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
15	globalnews18.in	globalnews18.in
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net globalnews18.in
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	e.dlx.addthis.com	4 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	globalnews18.in
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	globalnews18.in cdn.onesignal.com
2	www.googletagmanager.com	globalnews18.in www.googletagmanager.com
1	id.rlcdn.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	onesignal.com	cdn.onesignal.com
133	29

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.globalnews18.in R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://globalnews18.in/
Frame ID: 56D3312FEA69518C5EBDA7F760333FB7
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 03644DF6002130F7722E547733A312F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&adk=1812271804&adf=3025194257&lmt=1669638555&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fglobalnews18.in%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&dt=1669638555313&bpp=3&bdt=487&idt=286&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=954368420226&frm=20&pv=2&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: D7E8B09F262C3A5584FC9D364B8DBA3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
Frame ID: AE1F3CD25C0BFFBD1F5F61E400EE5F03
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
Frame ID: E5F5AC6B1B163F7F79F358842F9E42D7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26DA5385481B7A90D384889A9D38815C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ8tzf9QEYquGrugEwAQ&v=APEucNU-8hVHkmWxFEQkJIDVMBS6ZMQK4JJMEWimD4DA6t43oqvLAknlEH_p3UN5SqemuQC0DB0OQkZrdcRb4wFskIRU3dNTGf4PEldO7XOTrKPJhBeOxpEJ3jv_tkJbSER3c1gV2ntrA0kRwfQNhWeUyRn6XJldpqmQ5yCC8uh2Po9LHK1rz58
Frame ID: 6104BF8BED1BE674E10E99F318324884
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
Frame ID: AC32D1BFA232DEE3B14552D359B99C86
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B7922B391AF4C84E39ABAFB833E34B85
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 4D921818D5B2D9C7C961881B177FDAEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74B94A76EEE87AC2E3D26624A9613FED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 174D28A85470924316A97DFE9F4DB6E7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 124969B76EEA665F081DAE193F95D87D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04A25B987822128C2D2144B47D6C45BF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 364F74AD42A345C7100989BC34B1ECF9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 3D551EC504B19E67FF5D16D4D2BFCBF8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D6A5F8471E5E788C3147E07D4F76F56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F499B498291676AA713EE73DD99C05C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Global News18 - Global News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

133
Requests

83 %
HTTPS

54 %
IPv6

22
Domains

29
Subdomains

23
IPs

5
Countries

2142 kB
Transfer

4757 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQx-cZ5rAalz-1ow9MV1mE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPQx-cZ5rAalz-1ow9MV1mE%26google_cver%3D1

Request Chain 49

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4OTAzNTkzNTgxNzU0NDI3NQ%3D%3D

Request Chain 93

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9FX-t6IToBx_6OUmCNSXdqAhl1vBUPM&google_gid=CAESEBPIUFu1_OaD8WDkieyTYPk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9FX-t6IToBx_6OUmCNSXdqAhl1vBUPM&google_gid=CAESEBPIUFu1_OaD8WDkieyTYPk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA1NjU4NjU4MTQzOQ%3D%3D&google_push=ASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9FX-t6IToBx_6OUmCNSXdqAhl1vBUPM

Request Chain 96

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFPOYsd4qQ-3-3zz29zumzI&google_cver=1&google_push=ASkJ3FaT-DtNFMhX93sht4oh4hFVI0v6xHPHMFEz7tc0XUBVFkkGkfTQBfTpOtQkwSlKjDofzGGSpHJ_ckddRcf7vaSVFmIjPTBB HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFPOYsd4qQ-3-3zz29zumzI&google_cver=1&google_push=ASkJ3FaT-DtNFMhX93sht4oh4hFVI0v6xHPHMFEz7tc0XUBVFkkGkfTQBfTpOtQkwSlKjDofzGGSpHJ_ckddRcf7vaSVFmIjPTBB&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaT-DtNFMhX93sht4oh4hFVI0v6xHPHMFEz7tc0XUBVFkkGkfTQBfTpOtQkwSlKjDofzGGSpHJ_ckddRcf7vaSVFmIjPTBB

Request Chain 97

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBTxf4k21qe0wLtG5DFf5aQ&google_cver=1&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4DYBPxghKt5vatLf0Uo3ZJLnYN0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9TVzMtMTQtTE1FQw==&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4DYBPxghKt5vatLf0Uo3ZJLnYN0

Request Chain 98

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_cver=1&google_push=ASkJ3FbLiprIkMFcH8PpUN7DiFUh_xVuOAK92d3ucvhJ5MYHK2MSCppGkM3IOGkGQbltcMZ4zwbjYO5GwAf-3oqJvWqEf2cZVttZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FbLiprIkMFcH8PpUN7DiFUh_xVuOAK92d3ucvhJ5MYHK2MSCppGkM3IOGkGQbltcMZ4zwbjYO5GwAf-3oqJvWqEf2cZVttZ

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKOxNXZh5cazUhXprJyAYdY&google_cver=1&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2bgC_09BdnWn5BL52jbTgBdkYuU-vmyZZJ1iLp2oKSYc-A HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2bgC_09BdnWn5BL52jbTgBdkYuU-vmyZZJ1iLp2oKSYc-A&google_hm=J9ZJb4Zgu_jWGDhsr16qog

Request Chain 118

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwVS-YLLbkxi0CDjwGYVSJZCQ5nlL8cMm2Q&google_gid=CAESEE9fhNyYqFPfz1fOsTu9pbE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwVS-YLLbkxi0CDjwGYVSJZCQ5nlL8cMm2Q&google_gid=CAESEE9fhNyYqFPfz1fOsTu9pbE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA5NjAzNjg5NjI1Mw%3D%3D&google_push=ASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwVS-YLLbkxi0CDjwGYVSJZCQ5nlL8cMm2Q

Request Chain 120

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM7hpBKzD_opNobiHq1ZayA&google_cver=1&google_push=ASkJ3FY0btzw4RDMda3mS6T6GjvppWT8Ohbqpqhf20qT7xnkaLJZXl1c5WZGu9FsjPnw9ZCNa9E41YvQqdvOutDroC8Tb9dojIzNrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY0btzw4RDMda3mS6T6GjvppWT8Ohbqpqhf20qT7xnkaLJZXl1c5WZGu9FsjPnw9ZCNa9E41YvQqdvOutDroC8Tb9dojIzNrw

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLKFPWHw3RWYuWQSLLK_EY&google_cver=1&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwypG0s8wM2poh0MLelKX7nWBODmdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9UMFctMUYtSlJHMQ==&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwypG0s8wM2poh0MLelKX7nWBODmdg

Request Chain 122

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_cver=1&google_push=ASkJ3FZI8iJLjlX9q2drVKFETH_amK5Xt3kSTcx6IZ7RQRkYGNb3XUWA_qljH-8V1p1dzi2QcrWN2xX2Gw62x1xlTFu5DoNxn-tzrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FZI8iJLjlX9q2drVKFETH_amK5Xt3kSTcx6IZ7RQRkYGNb3XUWA_qljH-8V1p1dzi2QcrWN2xX2Gw62x1xlTFu5DoNxn-tzrQ

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
globalnews18.in/ 127 KB
23 KB 225ms
183ms Document
text/html 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 730d638bfcb45de0dea243da354a54f2d53144815096e32cb2fe53fc20ca7c87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=600
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Nov 2022 12:29:14 GMT
Expires: Mon, 28 Nov 2022 12:39:14 GMT
Link: <https://globalnews18.in/wp-json/>; rel="https://api.w.org/"
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK style.min.css
globalnews18.in/wp-includes/css/dist/block-library/ 93 KB
13 KB 85ms
45ms Stylesheet
text/css 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 22:03:54 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12489
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H/1.1 200
OK classic-themes.min.css
globalnews18.in/wp-includes/css/ 217 B
519 B 86ms
46ms Stylesheet
text/css 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:05:19 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 188
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H/1.1 200
OK main.min.css
globalnews18.in/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 85ms
45ms Stylesheet
text/css 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Jun 2022 11:11:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4664
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H/1.1 200
OK jquery.min.js Show response
globalnews18.in/wp-includes/js/jquery/ 88 KB
31 KB 86ms
45ms Script
application/javascript 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 10:05:21 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 31046
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
globalnews18.in/wp-includes/js/jquery/ 11 KB
4 KB 87ms
45ms Script
application/javascript 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 13:36:06 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4168
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 142ms
56ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-232400953-1

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9e387d5e4df78a6e51b677bc7e1e84729a28f9dfdab13cfa23f17a6b0555fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43679
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Nov 2022 12:29:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 209ms
124ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7309336351038481

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2baf5293971a6ee7bcf4d6efe6a20e9a4e39c6b6da7933eafd8e7a62b380d0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Origin: http://globalnews18.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49095
x-xss-protection: 0
server: cafe
etag: 9106765919528038000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:29:15 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
globalnews18.in/wp-includes/js/ 18 KB
5 KB 43ms
41ms Script
application/javascript 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Apr 2022 09:26:24 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5021
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H2 200 cropped-cropped-cropped-photo_2022-07-15_15-01-21.jpg
globalnews18.in/wp-content/uploads/2022/07/ 9 KB
9 KB 142ms
42ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/07/cropped-cropped-cropped-photo_2022-07-15_15-01-21.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: b725f35e308def4736aad3486c46c935a0ae3699b5d7c6841e0ec12bb1b82149

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Fri, 15 Jul 2022 09:34:49 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 9182
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H2 200 photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AE_%E0%A5%A7%E0%A5%A7-%E0%A5%A6%E0%A5%A9-%E0%A5%A7%E0%A5%AC.jpg
globalnews18.in/wp-content/uploads/2022/11/ 166 KB
166 KB 178ms
79ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/11/photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AE_%E0%A5%A7%E0%A5%A7-%E0%A5%A6%E0%A5%A9-%E0%A5%A7%E0%A5%AC.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: f9d19dad2735ab61ad8b8163896814cbb77a8bbfb7282a0bd6873eb4b30f631d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Mon, 28 Nov 2022 05:46:55 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 170309
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H/1.1 200
OK app.js Show response
globalnews18.in/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/ 6 KB
2 KB 53ms
52ms Script
application/javascript 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 56fa3579291144f224e0680a0f30f3d3c627f4c8825ec9fab32f3a13ae935f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 03:00:02 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2014
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H/1.1 200
OK menu.min.js Show response
globalnews18.in/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 50ms
50ms Script
application/javascript 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: http://globalnews18.in/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: HTTP/1.1
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 12:29:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Jun 2022 11:11:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1647
Expires: Wed, 28 Dec 2022 12:29:14 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 149ms
52ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 257
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77131ba94c4ebbda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Dec 2022 12:29:15 GMT

GET
H2 200 photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AD_%E0%A5%A7%E0%A5%A6-%E0%A5%AA%E0%A5%A6-%E0%A5%A7%E0%A5%A8.jpg
globalnews18.in/wp-content/uploads/2022/11/ 118 KB
118 KB 243ms
201ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/11/photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AD_%E0%A5%A7%E0%A5%A6-%E0%A5%AA%E0%A5%A6-%E0%A5%A7%E0%A5%A8.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: bec5be05b7f0f25e8010b06aab95e1fdfd88c1876297c9b99b11f55fa6e5c15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Sun, 27 Nov 2022 05:52:48 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 121016
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H2 200 63826c1296192.jpg
globalnews18.in/wp-content/uploads/2022/11/ 208 KB
208 KB 208ms
206ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/11/63826c1296192.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: e9a0668cde46f12b00b38fb7332aa8f2e2d5a3aa8b7fbbdd454bf6fb63528a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Sun, 27 Nov 2022 04:22:58 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 212760
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H2 200 photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AC_%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AD-%E0%A5%AB%E0%A5%AF.jpg
globalnews18.in/wp-content/uploads/2022/11/ 147 KB
147 KB 212ms
210ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/11/photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AC_%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AD-%E0%A5%AB%E0%A5%AF.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: a82e9bbc53dabf26a2e0aa61a301e8a7b5438a86679820250923d74c6ac241d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Sat, 26 Nov 2022 06:10:24 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 150403
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H2 200 photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AC_%E0%A5%A7%E0%A5%A6-%E0%A5%A9%E0%A5%AD-%E0%A5%AA%E0%A5%A9.jpg
globalnews18.in/wp-content/uploads/2022/11/ 137 KB
137 KB 212ms
211ms Image
image/jpeg 134.119.218.58
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalnews18.in/wp-content/uploads/2022/11/photo_%E0%A5%A8%E0%A5%A6%E0%A5%A8%E0%A5%A8-%E0%A5%A7%E0%A5%A7-%E0%A5%A8%E0%A5%AC_%E0%A5%A7%E0%A5%A6-%E0%A5%A9%E0%A5%AD-%E0%A5%AA%E0%A5%A9.jpg
Requested by: Host: globalnews18.in
URL: http://globalnews18.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS: eu02.mafiaserver.com
Software: /
Resource Hash: 8911f50f94b85ddf865720cb3478201c8bee7b9ced925db3a099beb1e91b6cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
last-modified: Sat, 26 Nov 2022 05:14:31 GMT
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 140525
expires: Wed, 28 Dec 2022 12:29:15 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 62ms
59ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 262
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77131ba9ed7bbbda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Dec 2022 12:29:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232400953-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 28 Nov 2022 13:15:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 57ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D2YKRE48J3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232400953-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b069fcfa1d6f12e020d870473a5b9ca2104a7ae63c237b8b80fe6fb7d83ba250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 12:29:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 354 KB
116 KB 184ms
102ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309336351038481&plah=globalnews18.in&bust=31070968

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7309336351038481

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02afd1162542e3ac4fa9e3a3cd7b3c9b552f30a274e34fd5da7b2533192b9c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119220
x-xss-protection: 0
server: cafe
etag: 1999672339182797297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:29:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 0364 10 KB
5 KB 125ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7309336351038481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/9d6c3ec4-021b-4a70-81a2-8be7c1a891cf/ 3 KB
2 KB 68ms
56ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/9d6c3ec4-021b-4a70-81a2-8be7c1a891cf/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d4330148432b4d2cb33b29fda64b4aeed403d413ba88a0839ba83ea84fb1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1288
cf-polished: origSize=3310
status: 200 OK
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2984792d-d04a-4a83-beab-187e0ab337bf
x-runtime: 0.026095
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"584741c3ddcde18b3a177ae1ca905a8d"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 77131bab48aabbda-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 28 Nov 2022 13:29:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 128ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D2YKRE48J3&gtm=2oeb90&_p=267565486&gdid=dZTNiMT&cid=233162662.1669638555&ul=en-us&sr=1600x1200&_s=1&sid=1669638555&sct=1&seg=0&dl=http%3A%2F%2Fglobalnews18.in%2F&dt=Global%20News18%20-%20Global%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2YKRE48J3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://globalnews18.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=267565486&t=pageview&_s=1&dl=http%3A%2F%2Fglobalnews18.in%2F&ul=en-us&de=UTF-8&dt=Global%20News18%20-%20Global%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=485116875&gjid=1311118152&cid=233162662.1669638555&tid=UA-232400953-1&_gid=2089359347.1669638555&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=880893676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://globalnews18.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://globalnews18.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
701 B 168ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=globalnews18.in&callback=_gfp_s_&client=ca-pub-7309336351038481&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309336351038481&plah=globalnews18.in&bust=31070968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9d17f73abf931768b3843eab00db6d0017a7801a0843d3f9249fa9e2c057758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 151ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=globalnews18.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=globalnews18.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7E8 41 KB
14 KB 1545ms
1468ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&adk=1812271804&adf=3025194257&lmt=1669638555&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fglobalnews18.in%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&dt=1669638555313&bpp=3&bdt=487&idt=286&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=954368420226&frm=20&pv=2&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f335660f075981bb795657514c44aada2d9759e5c6df150cba6582cc1aff74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 14187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:17 GMT
expires: Mon, 28 Nov 2022 12:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 150 KB
51 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070968

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb82a1248272de94c2343fbd363aec666c162271d2491039636a1132b0eb4aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52281
x-xss-protection: 0
server: cafe
etag: 15620131689006189473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 12:29:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
56ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=globalnews18.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=globalnews18.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE1F 115 KB
44 KB 1147ms
1147ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64ec59fb0df50c830e023c4f32ff0235cb6e48b6d10d8285b700d8084512365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
expires: Mon, 28 Nov 2022 12:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5F5 115 KB
44 KB 794ms
793ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac36cc3ca01b777cd0b5f40724a6b47ca0330afebff3ae8305279657f8aba02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44794
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
expires: Mon, 28 Nov 2022 12:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 26DA 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6104 624 B
242 B 76ms
75ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ8tzf9QEYquGrugEwAQ&v=APEucNU-8hVHkmWxFEQkJIDVMBS6ZMQK4JJMEWimD4DA6t43oqvLAknlEH_p3UN5SqemuQC0DB0OQkZrdcRb4wFskIRU3dNTGf4PEldO7XOTrKPJhBeOxpEJ3jv_tkJbSER3c1gV2ntrA0kRwfQNhWeUyRn6XJldpqmQ5yCC8uh2Po9LHK1rz58

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 26DA 82 KB
34 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Djy0z6MJnhgE0_aNyhQHEk_dKapBiVLvYZ3nCd_Ip-Qy-q2VVkQ0hai1xHO5RnqmSfTPVAB3cSfVWRbtO7nEl_4iyT7E5i1GK8xQKuKWcxEspMEX5IfUGpjD01Xr5Rh6S1wQb602Wpp-bYERpb5prQP8j9yChEnM7fjLAPNETkzD8BFTs&cry=1&dbm_d=AKAmf-Ck9MncEDLTr-Di4GVa_VMh0cHwzle-bVGJ_Td-yJqX5ZC7MgqKLWIXDlPzbsC5EiOFMVE4mWcq3PT7oy1o0BdmxHJ4Itsrs1D5IvDo-G7Uiw5hxyph2M_Wo3RI-Sx_2iH4lfaIQvfqVBTwEvjUBnHajs06aYzBf_xJzrxagXwayOBSNYQxjphbYuoxxB63REuPCmWRRYSthdjZG-VaQEnO4OHrbNUAwUCbzUWeRERMNrzzydIT-rrKARYPRpWxblKEdetEMLf_iol8EbAhTZjvzR1fLzTgpS4_wl656zGgURxkMgxO4vwjV2ds_Q_NmcVTNr8mdRQnkj8ZmciQVPDDErY2gyPZB1GCo0RPldNb5dgVg11-eMGVUzOMj1L_GjcPm1ufUrF6SxSx6Gcu3pOUb08jZtpeBXYRAO2gOYVgHgeiJb0A3m7L1LogUgVaTMkNHA0EPJvZdQa2YaAPTcj99Q0UPtpVXtg05Jy_TY0sE2dM_VLhUKrW9dAZSkllQZVAHo1LpByyO2dNNGPDHcdN3s_1QrLWZGM8T3fjLy4se0--9rADD1LDN5TMGn_Gxw9OlVNbjXK2SfcNdyKNZhVR7cl_yxxkW7cdmIeAz8uaF9cGvt8vookWc33doFkHi9xq_fAcZVcoiTL5txH_kE_yvULKPxryFXR3q50Ru2h45IIQqInKLKUWxcIzFADdmc4qRj26T9DvIp0lNxfpPKCoG3K42oNP4TZHktoZTui-y0Inm8dGTdPwjmyvTUzIcUb-2w7Eh9V0Ez2tCidnVPn2GDf6ZkdMsxeS9VWhbrlcA-yoeLoZsZLyu2eo3-E0P2rzJSwt0I8JA0l0PqvjckugVPbOGK6pqXZnEfawP4vErF97GHcijjM5T69MmV1CSRReuW5SsIk56ydR17AW8y5WKvWZ8sR9H8MLcYyY6u74aYY4Asbq_yXmYYXKh95LIcPrDR7FI6wqtAPW-iia2B0k0TdMCQRIx23vGId6nXnd9km_E-dMFOn4Zxw_hEY-fYbvqscCDkM6HgrObmTblPo0xLgMuVaDy3a4UG45WrghEWyDnVsA8D7nk5nnY--EZ1fbrNKWpg9AHtH1sZa5xu6wGb0ry1znrF06UTJXETuDSi4d8pi-8uG7ku9fArjCb4UgCmo9wqEZQ7lwte7kWQLe1SPwVxveJqLfgjXt0QjPGIq9ZAhHcgTa9hM6qpXefL3Y1oHo8EXBCobCDfMEG40sZ51nD3ERNHG-I7l8j7rcreX2nmSp9hXvC1c6Q7B9JjQuNRpYjFt2BbmviYi4TvAYh-0pealdvfbpkHe2wR3v4pNbapkRygCrp-16NQsvbPaV1TTpJHmQIuPoXCL2A2nZolseOXZn-UhH6gM4NfsCTerWyWKmMGJAS3YFG1G2Q8TDwKj2OgsD9DVteu0dtbjYNVuKim5WCEHXBt5B7yUNnXhN8jcD2rV8Wu6g3TJXU6QclJSRXte-SLKuQ1JOuuTYUuoe-JCeY3TX0OaP1iZxJLFNjMHTFkIeUlUNx10YrRchC2RDS5C9qRpVgQz2fAibVGCciBeUuch66CTvgsFYdTYlNaqNaS6KxiU8fXTHp0Y6BJRY6AOhcTOyEYPzH2W9AUBPy4VFfoUMJg_3RWlSHQWrbyvfq4HrnvOB09GBzqFtq9aX19A4RWFRD-ylSP63aXomzqpwdTmTDC3z4GQChr8Vd7gfaBuY-w3SlDf3fFSq8wcjzJTyMLcBj851dumrYeJIdCyydVOv639O5ZrTaNlbM6ghvwGLuXs1DtQxH0Z0vgWdsG1ZLt28nIYe64CYQe1QB3TYaJoOaMVuN1qAcU35Y70gT0Bjdyc6mlV2atsBFQuaZ3lU4M2XFdbsSG_8__iX7Uzhz2jwcmvR2r7dcD9-UhIzktKBsDug0I_yZXL14PKIs8hBRhtA3vWhkSrs03JcHKAOvVM3lUDqslUKUoPj5ulzqlkgLNjugAEH5ZsgzR9bmtiOHLla9f7YtWbZ28m2kuZ6VrVsfvw2MJe155BGiZ0JigxD4mCF2BMWRFmm1DjhhSBHzjeaIhZwjwpmG6hkYE2rEEYMoPX8bcBxzKp5Ii-gFAFjIV3dwvkjQzQqUPWiLgvgKlGm_vi5RWJ_cJWYfTyhBcnXfeBwXXzexxE-b7sWXymZQfDRZecdr93ERmF7YKGM3pNYZGt_u94vprwLDSKEvjpuIO-Nv0izMwVDRyIB6tQhAfSiinT2yo1xZmPMb6JF0Y_1fP-PRtAZraPQqn-AY1HINWcY9URg-GVPkItN9ypOMug55tIO5otS--oiVJGyo03Rb_COamILgOtQ7iyj98JeQAQAsQzuBCKSJ7XBWa1U4v95vuabsr7uvB2Jjjw4ETQaaDLZAbBuUh5BiS5XM5L2M3LdJWKDcaqbwxGk3JHRfZYlZh8T4IlxHoucx8VVoij4FcOwppPFAqfmxrlTB22AkB4M6RnJWA69VYK3iKdBY3Jti4q2gGGECujsg5W93qsriRi1oy2j-5N6oNNYDvFGiYBSmDpwh5-VFgHmlXsyH3JSI_h8LvRFK3LLr_0QhxRki-JVzrxen3zZWiOukgcCf78eBEk6bZMeEFcJfvAptZEoiY_zmPvScjpueVjghzo485lhm3IW25vih4MmP9SoGtA-43GZaQfi0CCUBToHVwPWeXGIME0WTrtB3QNNcn6zeTvyFUQj0GqBoBN1RO3zO1eZqQCs71kuUKz16pxF_DqObj_gVxkbHSMB4uVaqPTcqot1VLOPXfcQbSrATFl8uzq8UxirJD47kJD8hkhJ_YDS5LXjFErVcRrBX21cBszHqiOPdBZ8dwcGYVAdKB09UCbITCycMZ7ckegaUiWBRJ_zkL7-UsEqM9JTSuCYfqGsdKT3lL2fWwZwd2yjZbXvBRj7K-wyyZBY58rk86UptBhU92NX6JN7RpDTC-syyQimJlb7zyhngCNm-miMf9jfQx_0OHr7xOO5V4dLegROW8ipsid2XFM2eMm_To7e_5YHcR-Anndd9a-_GNzht3CTWgOdc-yNaQAT047iFSs9UFBCv7J-i8yutr7aXphOr2tznPt8Ou5K2aBS7BI2lHPztQCHQrd-8xK0vQ5jAZwUN94AkiA3eAmfG2W4C6zgNpIxIbbFL_fD_lZ3SG981QYrSibj5lM0oFS1hb9TeRJ-2alQj57di1_WRb_k9OsJIHQBuZo588kh_uCih0-2rw-iPa-G2Md72TkgxDErBOE6tpf-805oo2K7d6CAaVy18JWT2s3YR5dIn-g6oGucmvveuxDtoaWldytKs35AFSgvAydKgTZOPtIogkCjQcYhHZ-UFF92UE2Bm9w-pf2DI5NjzoW6-k0o04jicikLEAytvRMqDSI6CKPLveZI8EB7nzM5ivE3AvHxzTze24gzOf_yRHk5OVloO9HPSYPLgWBdDcuLpQH-e3bHYEtn3tpCVQ47SBlrjTEUifnXmcEcsAaqlh8x1XcE3HYODc_13YzO-7UiKkZeOx91zGdfFP4heLIlvq6QHhtzS-970-t8_nQX_QhdO6W3FshLrePrZks9WcxZ3N4MRqvlintf2xQXrY3lWSmuz8WShFMjLHEA0MzUYET8wfXJATaSAdsJP_U6AA66TS6ajrDzXiRmYOmdq-1rY4F8Ab-IAZ47LraR8wHKmYAAypNenp5cNPlJj-iK51klRhow3UeCmleeweKGUHPjJ84VII8LMmwFQH3KLrRcFjRUM7wT9DHIgmkbNH98UF6R7iALe4RSiAFDA6gi7_0bAg9iWksEF56Vc-AulZebupdYq_NIU8b8OzRORjWCtohYOzeK7a6eetiDmOc-Sl4VLLBxbLEbgV_rZJqm77f1ufmGwt-dcUoRBFO13xuMNf_8IKR90EW-B24IL_zo32XYP1wYNJIRtgeUlHgTo3panypsBjAwPbExUlCoXPZ5xW8gYfJbC5NPseGDYcb4ZZyM2TWLeDAFgzRnIAdIkkufCSw_HH7E3OU3aDQxcrlliem19AV3M4GQ4C1w6usrI91Q5p0WW2FBVty0GQ&cid=CAQSGwDq26N9KvHZf9wIh_HO5ZMyBWhzRi7AL6obvRgBIBM&rfl=1%2Chttp%253A%252F%252Fglobalnews18.in%252F%240

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

047191068f968fc097c17373538842db15424538e787364b06ae45766e444eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34498
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26DA 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6tuKnt2Yvo8H7VfTMOiPQGMZwVfA5wdoSGwoEUhXxsSNU7JatOk4en14tW2E-JfCp3lVAdiDN2v3nQm3dZl-y4C_3waJF14sy4NvCPIldXYvlM-Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 26DA 3 KB
1 KB 147ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 26DA 18 KB
8 KB 143ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26DA 154 KB
48 KB 159ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:29:17 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 26DA 119 KB
42 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 08:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 08:47:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 26DA 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Djy0z6MJnhgE0_aNyhQHEk_dKapBiVLvYZ3nCd_Ip-Qy-q2VVkQ0hai1xHO5RnqmSfTPVAB3cSfVWRbtO7nEl_4iyT7E5i1GK8xQKuKWcxEspMEX5IfUGpjD01Xr5Rh6S1wQb602Wpp-bYERpb5prQP8j9yChEnM7fjLAPNETkzD8BFTs&cry=1&dbm_d=AKAmf-Ck9MncEDLTr-Di4GVa_VMh0cHwzle-bVGJ_Td-yJqX5ZC7MgqKLWIXDlPzbsC5EiOFMVE4mWcq3PT7oy1o0BdmxHJ4Itsrs1D5IvDo-G7Uiw5hxyph2M_Wo3RI-Sx_2iH4lfaIQvfqVBTwEvjUBnHajs06aYzBf_xJzrxagXwayOBSNYQxjphbYuoxxB63REuPCmWRRYSthdjZG-VaQEnO4OHrbNUAwUCbzUWeRERMNrzzydIT-rrKARYPRpWxblKEdetEMLf_iol8EbAhTZjvzR1fLzTgpS4_wl656zGgURxkMgxO4vwjV2ds_Q_NmcVTNr8mdRQnkj8ZmciQVPDDErY2gyPZB1GCo0RPldNb5dgVg11-eMGVUzOMj1L_GjcPm1ufUrF6SxSx6Gcu3pOUb08jZtpeBXYRAO2gOYVgHgeiJb0A3m7L1LogUgVaTMkNHA0EPJvZdQa2YaAPTcj99Q0UPtpVXtg05Jy_TY0sE2dM_VLhUKrW9dAZSkllQZVAHo1LpByyO2dNNGPDHcdN3s_1QrLWZGM8T3fjLy4se0--9rADD1LDN5TMGn_Gxw9OlVNbjXK2SfcNdyKNZhVR7cl_yxxkW7cdmIeAz8uaF9cGvt8vookWc33doFkHi9xq_fAcZVcoiTL5txH_kE_yvULKPxryFXR3q50Ru2h45IIQqInKLKUWxcIzFADdmc4qRj26T9DvIp0lNxfpPKCoG3K42oNP4TZHktoZTui-y0Inm8dGTdPwjmyvTUzIcUb-2w7Eh9V0Ez2tCidnVPn2GDf6ZkdMsxeS9VWhbrlcA-yoeLoZsZLyu2eo3-E0P2rzJSwt0I8JA0l0PqvjckugVPbOGK6pqXZnEfawP4vErF97GHcijjM5T69MmV1CSRReuW5SsIk56ydR17AW8y5WKvWZ8sR9H8MLcYyY6u74aYY4Asbq_yXmYYXKh95LIcPrDR7FI6wqtAPW-iia2B0k0TdMCQRIx23vGId6nXnd9km_E-dMFOn4Zxw_hEY-fYbvqscCDkM6HgrObmTblPo0xLgMuVaDy3a4UG45WrghEWyDnVsA8D7nk5nnY--EZ1fbrNKWpg9AHtH1sZa5xu6wGb0ry1znrF06UTJXETuDSi4d8pi-8uG7ku9fArjCb4UgCmo9wqEZQ7lwte7kWQLe1SPwVxveJqLfgjXt0QjPGIq9ZAhHcgTa9hM6qpXefL3Y1oHo8EXBCobCDfMEG40sZ51nD3ERNHG-I7l8j7rcreX2nmSp9hXvC1c6Q7B9JjQuNRpYjFt2BbmviYi4TvAYh-0pealdvfbpkHe2wR3v4pNbapkRygCrp-16NQsvbPaV1TTpJHmQIuPoXCL2A2nZolseOXZn-UhH6gM4NfsCTerWyWKmMGJAS3YFG1G2Q8TDwKj2OgsD9DVteu0dtbjYNVuKim5WCEHXBt5B7yUNnXhN8jcD2rV8Wu6g3TJXU6QclJSRXte-SLKuQ1JOuuTYUuoe-JCeY3TX0OaP1iZxJLFNjMHTFkIeUlUNx10YrRchC2RDS5C9qRpVgQz2fAibVGCciBeUuch66CTvgsFYdTYlNaqNaS6KxiU8fXTHp0Y6BJRY6AOhcTOyEYPzH2W9AUBPy4VFfoUMJg_3RWlSHQWrbyvfq4HrnvOB09GBzqFtq9aX19A4RWFRD-ylSP63aXomzqpwdTmTDC3z4GQChr8Vd7gfaBuY-w3SlDf3fFSq8wcjzJTyMLcBj851dumrYeJIdCyydVOv639O5ZrTaNlbM6ghvwGLuXs1DtQxH0Z0vgWdsG1ZLt28nIYe64CYQe1QB3TYaJoOaMVuN1qAcU35Y70gT0Bjdyc6mlV2atsBFQuaZ3lU4M2XFdbsSG_8__iX7Uzhz2jwcmvR2r7dcD9-UhIzktKBsDug0I_yZXL14PKIs8hBRhtA3vWhkSrs03JcHKAOvVM3lUDqslUKUoPj5ulzqlkgLNjugAEH5ZsgzR9bmtiOHLla9f7YtWbZ28m2kuZ6VrVsfvw2MJe155BGiZ0JigxD4mCF2BMWRFmm1DjhhSBHzjeaIhZwjwpmG6hkYE2rEEYMoPX8bcBxzKp5Ii-gFAFjIV3dwvkjQzQqUPWiLgvgKlGm_vi5RWJ_cJWYfTyhBcnXfeBwXXzexxE-b7sWXymZQfDRZecdr93ERmF7YKGM3pNYZGt_u94vprwLDSKEvjpuIO-Nv0izMwVDRyIB6tQhAfSiinT2yo1xZmPMb6JF0Y_1fP-PRtAZraPQqn-AY1HINWcY9URg-GVPkItN9ypOMug55tIO5otS--oiVJGyo03Rb_COamILgOtQ7iyj98JeQAQAsQzuBCKSJ7XBWa1U4v95vuabsr7uvB2Jjjw4ETQaaDLZAbBuUh5BiS5XM5L2M3LdJWKDcaqbwxGk3JHRfZYlZh8T4IlxHoucx8VVoij4FcOwppPFAqfmxrlTB22AkB4M6RnJWA69VYK3iKdBY3Jti4q2gGGECujsg5W93qsriRi1oy2j-5N6oNNYDvFGiYBSmDpwh5-VFgHmlXsyH3JSI_h8LvRFK3LLr_0QhxRki-JVzrxen3zZWiOukgcCf78eBEk6bZMeEFcJfvAptZEoiY_zmPvScjpueVjghzo485lhm3IW25vih4MmP9SoGtA-43GZaQfi0CCUBToHVwPWeXGIME0WTrtB3QNNcn6zeTvyFUQj0GqBoBN1RO3zO1eZqQCs71kuUKz16pxF_DqObj_gVxkbHSMB4uVaqPTcqot1VLOPXfcQbSrATFl8uzq8UxirJD47kJD8hkhJ_YDS5LXjFErVcRrBX21cBszHqiOPdBZ8dwcGYVAdKB09UCbITCycMZ7ckegaUiWBRJ_zkL7-UsEqM9JTSuCYfqGsdKT3lL2fWwZwd2yjZbXvBRj7K-wyyZBY58rk86UptBhU92NX6JN7RpDTC-syyQimJlb7zyhngCNm-miMf9jfQx_0OHr7xOO5V4dLegROW8ipsid2XFM2eMm_To7e_5YHcR-Anndd9a-_GNzht3CTWgOdc-yNaQAT047iFSs9UFBCv7J-i8yutr7aXphOr2tznPt8Ou5K2aBS7BI2lHPztQCHQrd-8xK0vQ5jAZwUN94AkiA3eAmfG2W4C6zgNpIxIbbFL_fD_lZ3SG981QYrSibj5lM0oFS1hb9TeRJ-2alQj57di1_WRb_k9OsJIHQBuZo588kh_uCih0-2rw-iPa-G2Md72TkgxDErBOE6tpf-805oo2K7d6CAaVy18JWT2s3YR5dIn-g6oGucmvveuxDtoaWldytKs35AFSgvAydKgTZOPtIogkCjQcYhHZ-UFF92UE2Bm9w-pf2DI5NjzoW6-k0o04jicikLEAytvRMqDSI6CKPLveZI8EB7nzM5ivE3AvHxzTze24gzOf_yRHk5OVloO9HPSYPLgWBdDcuLpQH-e3bHYEtn3tpCVQ47SBlrjTEUifnXmcEcsAaqlh8x1XcE3HYODc_13YzO-7UiKkZeOx91zGdfFP4heLIlvq6QHhtzS-970-t8_nQX_QhdO6W3FshLrePrZks9WcxZ3N4MRqvlintf2xQXrY3lWSmuz8WShFMjLHEA0MzUYET8wfXJATaSAdsJP_U6AA66TS6ajrDzXiRmYOmdq-1rY4F8Ab-IAZ47LraR8wHKmYAAypNenp5cNPlJj-iK51klRhow3UeCmleeweKGUHPjJ84VII8LMmwFQH3KLrRcFjRUM7wT9DHIgmkbNH98UF6R7iALe4RSiAFDA6gi7_0bAg9iWksEF56Vc-AulZebupdYq_NIU8b8OzRORjWCtohYOzeK7a6eetiDmOc-Sl4VLLBxbLEbgV_rZJqm77f1ufmGwt-dcUoRBFO13xuMNf_8IKR90EW-B24IL_zo32XYP1wYNJIRtgeUlHgTo3panypsBjAwPbExUlCoXPZ5xW8gYfJbC5NPseGDYcb4ZZyM2TWLeDAFgzRnIAdIkkufCSw_HH7E3OU3aDQxcrlliem19AV3M4GQ4C1w6usrI91Q5p0WW2FBVty0GQ&cid=CAQSGwDq26N9KvHZf9wIh_HO5ZMyBWhzRi7AL6obvRgBIBM&rfl=1%2Chttp%253A%252F%252Fglobalnews18.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 16:31:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 26DA 29 KB
11 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 26DA 41 KB
15 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:22:14 GMT

GET
DATA 200
OK truncated
/ Frame 26DA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91c2d4b8227a7a584517e26b4d966bef620797744a87dcc0d603f6e5f34061f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6104
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1

43 B
766 B

71ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ8tzf9QEYquGrugEwAQ&v=APEucNU-8hVHkmWxFEQkJIDVMBS6ZMQK4JJMEWimD4DA6t43oqvLAknlEH_p3UN5SqemuQC0DB0OQkZrdcRb4wFskIRU3dNTGf4PEldO7XOTrKPJhBeOxpEJ3jv_tkJbSER3c1gV2ntrA0kRwfQNhWeUyRn6XJldpqmQ5yCC8uh2Po9LHK1rz58
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 12:29:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6104
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1

43 B
766 B

47ms
46ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ8tzf9QEYquGrugEwAQ&v=APEucNU-8hVHkmWxFEQkJIDVMBS6ZMQK4JJMEWimD4DA6t43oqvLAknlEH_p3UN5SqemuQC0DB0OQkZrdcRb4wFskIRU3dNTGf4PEldO7XOTrKPJhBeOxpEJ3jv_tkJbSER3c1gV2ntrA0kRwfQNhWeUyRn6XJldpqmQ5yCC8uh2Po9LHK1rz58
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 12:29:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXujU0KcgzfJbPcEkQyG3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6104
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQx-cZ5rAalz-1ow9MV1mE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPQx-cZ5rAalz-1ow9MV1mE%26google_cver%3D1

43 B
1 KB

89ms
44ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPQx-cZ5rAalz-1ow9MV1mE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ8tzf9QEYquGrugEwAQ&v=APEucNU-8hVHkmWxFEQkJIDVMBS6ZMQK4JJMEWimD4DA6t43oqvLAknlEH_p3UN5SqemuQC0DB0OQkZrdcRb4wFskIRU3dNTGf4PEldO7XOTrKPJhBeOxpEJ3jv_tkJbSER3c1gV2ntrA0kRwfQNhWeUyRn6XJldpqmQ5yCC8uh2Po9LHK1rz58

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 12:29:17 GMT
AN-X-Request-Uuid: 5e781d92-89f0-443a-9254-00f862a98b1d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 12:29:17 GMT
AN-X-Request-Uuid: fd536059-e8d1-4c2d-94a9-c66a4ee75499
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPQx-cZ5rAalz-1ow9MV1mE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6104
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4OTAzNTkzNTgxNzU0NDI3NQ%3D%3D

170 B
188 B

60ms
60ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4OTAzNTkzNTgxNzU0NDI3NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 12:29:17 GMT
AN-X-Request-Uuid: f1c5ab22-11c0-459c-b7b4-fd0691888db5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY4OTAzNTkzNTgxNzU0NDI3NQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 544 KB
37 KB 116ms
40ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b30a036c9441cb8e94a7722ecda58620153b3014ae85b37ed34f796c4aa8ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 492712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 37446
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 19:37:25 GMT
expires: Wed, 22 Nov 2023 19:37:25 GMT
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26DA 0
0 183ms
84ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKwA4ZV9dD9TB6yeaEDXDtEQKq4cqI_yvG--DXkRgITFzLiUkpj2CdufTfSVQqFLYB_06ddfa8Ab4kFqStN43dV8w_9NtaIDz4Jg0-ht0vilZDGZz0kAKFO7Mt-8Vn_KZtWP7iTss5gpkFXYAL__mHIXWI8c9VCgCbcphKkNbq67VoFhKcybhN3vRTvSrbIXteXRBSH5SDgqCmLoTgbGOuUHOxxMJ0fN7qlw7wdV1dUsZ2QBDO4UljWRIISDU5QjnQJc2RJNxIaRxpNaIudTqRl_cOJ2Ag77gDDA2lK7Ru2cisb1GAYiJQia3uG7-Zub4rixmgtWdKJlpZpNjCvMKz1Yzdi93QQiHgJK_rqSt8pBJBncBJ0ZQEv6fpY_6_LxrQf9CrF7eqt_8MVW1iyaNsrUc8XXK-SQqQL9LgkOX9QEuuayZf889nxJ3zPvrUZF1wWYUa9i2Lt0dGjvAhWpwI_eoGCdK15jJy3E2VTKhpJ8y3JLanqqMyFN-UEaN8RZStpsgXNRDmBgzZ7fzmHAp2aNq2eqEyT7EXMqlmOUmSuenvmqrT05IhVgNOpvVx42Vpchi3G19XfryNtU0w1T4rlt2Lkj1_EZf3euOnrrCtflMd9Igd4bFW8Rk25PdIz97uNd6F9y_YomS6ijatTGwcecuHRbZOj8BhCadiO6tIezP54qJge1D_ZNvT6WFSXT_-5YLCvoCXkjTrIWDw1jWJH-KiMK94li1SauKcFqbouFSLon9xdRdOZg9azAiHjwh0ajO_936ZzocmnKYfbRL91hWLKsEvvZ_dxaPSmhvBgF61OjiocaWes2VgsrEmse64Lfric31qeJWtytXSCUckd3MwQGH0ZxJkcLohChWCAXWbfnGjbVP6fIBC2Lsngom1yiLX2sFAXT9JoaGPkphcnrwMSl4Jvw-LYvObKj893HDEs5MNjh4kvmOzsuulrErZKby90AlacD62gzQF2ISQ9oXZ9WxFWc_GeMWxhrMNIlC5CxyGp5PgMx6x-w0nq_lexq8pMIimYs1kRPe1Y1iEbH_PN5TcTbc-mdZuSlFSXTrX4IHaJ0g503glDTnsgAZgqrIeiOuRnevvwmDwCaT7eMCgwISqj8MFJH1HciWCOJLtwNG1cuWECmId5Ey2X11nKLIuqFoLJCs9yObDQHuwySXaqSXS6c91D1DotRx3mybjFodB1wH5sFT6Sd8oa3UZXAjKqdk1NIc-FUMMf8TrIOk5xeXpu2vM5FwnYI92X1kcidkiazv4QJFtpmz7AABREjRAdDi2JwQgsszJgg&sai=AMfl-YQe7vq2FWtKw20zG_cWqm61CY5BVwmu4lxvFJ8254SqeQyNI-ZzNeHSyJCicaDihC6pZXh8fnlbpLCs74QqH0RQFC9EMM3l6MJVy63oHNOKaDu1aikrgV1Hk9xW0vGCMJ_A7lLdhHjoCHPOWPBQAILJ8nQ93VJrd8UvGgO7I3-vSTcyXyprRIcq5w&sig=Cg0ArKJSzJFoDU3rz4WjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=181&cbvp=1&cstd=178&cisv=r20221110.48653&arae=0&ftch=1&adurl=

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:29:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Nov 2022 12:29:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B792 22 KB
8 KB 40ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 259526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame B792 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 07:57:30 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AC32 29 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Nov 2022 11:55:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26DA 0
0 152ms
76ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKwA4ZV9dD9TB6yeaEDXDtEQKq4cqI_yvG--DXkRgITFzLiUkpj2CdufTfSVQqFLYB_06ddfa8Ab4kFqStN43dV8w_9NtaIDz4Jg0-ht0vilZDGZz0kAKFO7Mt-8Vn_KZtWP7iTss5gpkFXYAL__mHIXWI8c9VCgCbcphKkNbq67VoFhKcybhN3vRTvSrbIXteXRBSH5SDgqCmLoTgbGOuUHOxxMJ0fN7qlw7wdV1dUsZ2QBDO4UljWRIISDU5QjnQJc2RJNxIaRxpNaIudTqRl_cOJ2Ag77gDDA2lK7Ru2cisb1GAYiJQia3uG7-Zub4rixmgtWdKJlpZpNjCvMKz1Yzdi93QQiHgJK_rqSt8pBJBncBJ0ZQEv6fpY_6_LxrQf9CrF7eqt_8MVW1iyaNsrUc8XXK-SQqQL9LgkOX9QEuuayZf889nxJ3zPvrUZF1wWYUa9i2Lt0dGjvAhWpwI_eoGCdK15jJy3E2VTKhpJ8y3JLanqqMyFN-UEaN8RZStpsgXNRDmBgzZ7fzmHAp2aNq2eqEyT7EXMqlmOUmSuenvmqrT05IhVgNOpvVx42Vpchi3G19XfryNtU0w1T4rlt2Lkj1_EZf3euOnrrCtflMd9Igd4bFW8Rk25PdIz97uNd6F9y_YomS6ijatTGwcecuHRbZOj8BhCadiO6tIezP54qJge1D_ZNvT6WFSXT_-5YLCvoCXkjTrIWDw1jWJH-KiMK94li1SauKcFqbouFSLon9xdRdOZg9azAiHjwh0ajO_936ZzocmnKYfbRL91hWLKsEvvZ_dxaPSmhvBgF61OjiocaWes2VgsrEmse64Lfric31qeJWtytXSCUckd3MwQGH0ZxJkcLohChWCAXWbfnGjbVP6fIBC2Lsngom1yiLX2sFAXT9JoaGPkphcnrwMSl4Jvw-LYvObKj893HDEs5MNjh4kvmOzsuulrErZKby90AlacD62gzQF2ISQ9oXZ9WxFWc_GeMWxhrMNIlC5CxyGp5PgMx6x-w0nq_lexq8pMIimYs1kRPe1Y1iEbH_PN5TcTbc-mdZuSlFSXTrX4IHaJ0g503glDTnsgAZgqrIeiOuRnevvwmDwCaT7eMCgwISqj8MFJH1HciWCOJLtwNG1cuWECmId5Ey2X11nKLIuqFoLJCs9yObDQHuwySXaqSXS6c91D1DotRx3mybjFodB1wH5sFT6Sd8oa3UZXAjKqdk1NIc-FUMMf8TrIOk5xeXpu2vM5FwnYI92X1kcidkiazv4QJFtpmz7AABREjRAdDi2JwQgsszJgg&sai=AMfl-YQe7vq2FWtKw20zG_cWqm61CY5BVwmu4lxvFJ8254SqeQyNI-ZzNeHSyJCicaDihC6pZXh8fnlbpLCs74QqH0RQFC9EMM3l6MJVy63oHNOKaDu1aikrgV1Hk9xW0vGCMJ_A7lLdhHjoCHPOWPBQAILJ8nQ93VJrd8UvGgO7I3-vSTcyXyprRIcq5w&sig=Cg0ArKJSzJFoDU3rz4WjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=393&vt=11&dtpt=212&dett=3&cstd=178&cisv=r20221110.48653&arae=0&ftch=1&adurl=

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 018.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 8 KB
8 KB 46ms
40ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/018.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2188dace2c6937cf7aae62249d33edcb61a13e7470de49398c31aafb1a52f53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 14:12:15 GMT
x-content-type-options: nosniff
age: 253022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8231
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 14:12:15 GMT

GET
H3 200 017.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 63ms
57ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/017.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59f582e40beffda5a91a43d77f0358d65f62790f0376f071df63ac18eb7a73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:47:52 GMT
x-content-type-options: nosniff
age: 495685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5879
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 18:47:52 GMT

GET
H3 200 016.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 71ms
65ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/016.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a931894a43b05d87b68401096264811348f68d093ae065a669a3899903a8399a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:41:11 GMT
x-content-type-options: nosniff
age: 240486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 17:41:11 GMT

GET
H3 200 015.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 65ms
59ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/015.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5accafd0a2925cb9643f69178ca986e2da7c965074b6e53af9e8074fcea4a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:47:52 GMT
x-content-type-options: nosniff
age: 495685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6483
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 18:47:52 GMT

GET
H3 200 014.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 59ms
53ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/014.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c60f1a63c631bc27ab78f004b50a0b5c4ddb971e7f14f6a3b55d51ec364ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:56:45 GMT
x-content-type-options: nosniff
age: 261152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6279
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:56:45 GMT

GET
H3 200 013.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 47ms
42ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/013.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da42dfe0d8b39a3eb319dd568fa04f7f0f46fc2fdd5a93679de554ae79ae060a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:22:40 GMT
x-content-type-options: nosniff
age: 345997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6131
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 12:22:40 GMT

GET
H3 200 012.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 54ms
49ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/012.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c35a4c898a02eb28ea0f7585fa6d02d03e222dfee7b65722b617ec76b71520a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:28:15 GMT
x-content-type-options: nosniff
age: 360062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6479
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 08:28:15 GMT

GET
H3 200 011.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 7 KB
7 KB 51ms
45ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/011.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc0db3ac0b6fddade328fa2531cb45a51742ed34c6b25e1b49c06b0db83edf78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 01:42:19 GMT
x-content-type-options: nosniff
age: 211618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7408
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 01:42:19 GMT

GET
H3 200 010.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 7 KB
7 KB 95ms
90ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/010.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80d1f02dbd18037cb448f2c495167f0e8fbc24fe49cf4a22978a2f0ff5a6934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 14:12:15 GMT
x-content-type-options: nosniff
age: 253022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7630
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 14:12:15 GMT

GET
H3 200 009.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 90ms
85ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/009.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb748eaa5e4d3796ad6d387e9994e82ca9c6259b2441c47770b48e7dc08216f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 21:29:34 GMT
x-content-type-options: nosniff
age: 485983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6156
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 21:29:34 GMT

GET
H3 200 008.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 99ms
94ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/008.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c6fc085d89824e247b8a8bf901aec4bb2dc0d20d6b9d343debc33ed6309f516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:12:25 GMT
x-content-type-options: nosniff
age: 505012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 16:12:25 GMT

GET
H3 200 007.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 7 KB
7 KB 73ms
67ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/007.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617987cfcaeccdc52b6e9617a307aa1f96c9773c8284047475bcdeb320ce29fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 14:34:12 GMT
x-content-type-options: nosniff
age: 510905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6983
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 14:34:12 GMT

GET
H3 200 006.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 8 KB
8 KB 77ms
72ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/006.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b21a916c4a5f1a41d88771423591e00d850b3aac5227ad16567002d626514f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:47:52 GMT
x-content-type-options: nosniff
age: 495685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8070
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 18:47:52 GMT

GET
H3 200 005.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 7 KB
7 KB 81ms
76ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/005.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661f3e96c72b127e61cbdc4ab8199ae1462b627947be45607600517f62190a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:58:56 GMT
x-content-type-options: nosniff
age: 239421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6818
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 17:58:56 GMT

GET
H3 200 004.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 6 KB
6 KB 86ms
82ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/004.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e0b0ef353adc055d0c59fbfadc883cc6cf9d2e7a923ccff3db6d9235123f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:58:27 GMT
x-content-type-options: nosniff
age: 261050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:58:27 GMT

GET
H3 200 003.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 8 KB
8 KB 108ms
103ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/003.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c993ab957b4b88dd3ff815ccab1d77d885d6e1ba0a8f71dc5ba2fdd2ea2012b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:52:00 GMT
x-content-type-options: nosniff
age: 261437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7764
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:52:00 GMT

GET
H3 200 002.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 9 KB
9 KB 100ms
96ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/002.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8204614997920fdce6bb860f4a25f632696e0ecc51a710e4d28efd00ccb9677c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:47:52 GMT
x-content-type-options: nosniff
age: 495685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 18:47:52 GMT

GET
H3 200 001.png
s0.2mdn.net/sadbundle/10653048585135849472/ Frame AC32 5 KB
5 KB 106ms
102ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10653048585135849472/001.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

804392b27c6b889e295c78fe19d833b3e008d6bfbddc0f5bb0d9e68b84e746cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10653048585135849472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:47:52 GMT
x-content-type-options: nosniff
age: 495685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4859
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 12:53:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 18:47:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 26DA 7 KB
6 KB 155ms
78ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14994e66f3bfbb683584b6366cbdc25ec6c1d988445edf1511e8228d54314f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5740
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B792 0
20 B 84ms
83ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLT6bnamEY-z8Grqj9u8PuN6-kAIAAAAAOAHgBAI&bg=!BgWlBUHNAAbvMpMzzzI7ACkAdvg8WjP-cXUnjHqCZOWUpj-ZPPEPymQvkLL2N9g1Lt8T_05lIhNxGAIAAAB8UgAAAARoAQcKAFvbYlZykRutHf52ZJna7S0JcPPwD87XhF5Mb6yFVpXw5DDl6uI2qOqeMPIo5okYfUxP4bKL65OtToajqtyID-zUWp6vKYzCIlbh6vSqnpBApvWtEjC0piP2eLL3mQLO3hmFtLQ1IGaB7LOmWdXk-ZGDCOGieoGq6N_txI2MC-gu2zqCXSUW7mwv0tfZE4TGkY4H7U2ghZY_thUNfh_qY0ywGjsyUIdtRRpkYG__mJKROonNtnIM4KisL_TnHkXhP489TuSDwltLe999VVrDbTxGXmOqA7lfhWS_qd66-HlZQrdCxx0b-c6qyQ6iGo52rd9JMLBmpTgHaJyBATk9tLzJaiTxoO8vA3p9RXPel9NaLiGxKIT2CXR7mTSa-8JJmwTSa0m2QuDFAXTM94_h8-00C80WieglTkXA-VuDWj4okdXJADCn_d-m_F6XI6F2UfE4HHMENsKPt1gNc14rqsneGBDJjy-nFimgRSS4a-4h-dl00QUYlCRJn_Wum-cpZUGqm-vae45RzNpLnujlwRSN7h6mdL2vLnBooERxboWu-LiCKirFrvWT1T_wdFLKATX134WthUalQgrDsz3Evt-LLIEIKd0dUQ_tcPmUflvqVaFGbOPfTgumUt-JN6p8gpgcVDYcc49R71pK4i4sFzdkvH1RbzsEAuHhKwzRdGvFG2FSkp62TWsdIdHY2jmsJkgkk8pTx_EdcY284WaZXAa1D3Io8qQXmGSL85IVsnAzAFZVGeAjHn5Jc9Es9ZgTojKhHHYGcktPJKZtQ9wf8qf19MBJy19R-yoXYiLP4p8k4y-DiMs2xwigzVpHd5wXczFQEr1HhfxoMOuFRL9WTmbsXZfWdM0t5eOyuQzWq2wBDEYf2xEWbxuA-dcOUnTSbaSvehCQsZkJba6YUZvPSVSbbSBvABuesU4-DJuTaa-HhH4mgMqsN9FvApzFKw02wArczc4kWEnEa98okfPZYILrYpZcsmD-fqz0XI3fQOET3x--zjFJ4kUepyDPomxGoQcN_0SKtX9JrUjGQSI9Qy0ER7yi9NmQqqb3dR5YOhNc5O_EkBh-mizUEFn0kQ

Requested by

Host: globalnews18.in
URL: http://globalnews18.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E5F5 6 KB
1 KB 132ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:29:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E5F5 6 KB
745 B 132ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 12:11:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E5F5 35 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5F5 154 KB
47 KB 127ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E5F5 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E5F5 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:12:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E5F5 18 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E5F5 0
0 132ms
45ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7gEW1cBknDT7xtgizkcmlfgQgTICVa4K6GnZTKH9_hD_h3XzwzA6aU29fcVhC_lTCOKevLOM01QnlUjNJ5iKQOW-PFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 26DA 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D92 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 07:57:30 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5726725605948400461/ Frame E5F5 48 KB
48 KB 110ms
110ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5726725605948400461/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgUQ-AIYASABLQAAAD8wzwU4-AJFAACAPw&rs=AOga4qmQO_pSYUP8fslUfTaNTfvcWkbXvA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b753596c0fdc3e3a89de9f55da59a977bb0a2c7d283a65200b8be041dd0dc581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48844
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 17:01:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Nov 2023 12:29:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E5F5 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzmiUnamEY_auFPOW78EPpfyg4Aq168rPbbGr24j3EJ64iLaDAxABIKTIwJABYJWCgICUB6ABlfiy9CjIAQapAqU_7WFMuLE-qAMByAPLBKoE0gFP0NQl6_Tzz-3smsSZd483nWd9SUt2tlzjwCPtRrr4CpnuhoeHzLykKm5s6ZNf2OrEzwgsrow41-OarA3V9OWryDsFY4uu1-uIrVnf-_bTo_juzpU4F5kNMHyTzeOvx-MzZevpgbUGbPXPJ7IsCfhf_6BkgaQGeXQEEoNLsoTdygW066juvOc7ZSavBSTmUtzxXPPYmS1hdZnGRAK1mUYo4r7g1fHZZ7C7vdJysyfzYIPB7bjjrtd5WQC_JuCTckSc-m37s9laJcI4lEXPZMu60njABJ7-i7GaBJIFBAgEGAGSBQQIBRgEoAY3gAeVsIPUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL62XNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTczMDkzMzYzNTEwMzg0ODEYAA&sigh=NZgpg7XeH1E&uach_m=[UACH]&cid=CAQSOwDq26N9M1vK39CvXMkZC4NRX1WPvuU39579R5OgXyt_G8sA_B3g2Hea-crVbz7iPHm-HpIfMYqI2TkYGAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E5F5 16 KB
16 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 404333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:10:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74B9 143 B
166 B 41ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 174D 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Mon, 28 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E5F5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2095f37ffd6f4083fdfb798ce9ccfa989e28401997a9cb6bd0e8c8e0af82ddd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 174D 35 B
464 B 145ms
43ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKHYZxGPd63RbIeONU0nJLY&google_cver=1&google_push=ASkJ3FY2BaKkBBr0evAIevmJK0snQ3pXsrDg824UuC9ndaLJHFwuwQrcpkyiDEVTg9Lv4H-5AuLfDv0NPy8iSkRx8zqj7-YCDEPd

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 174D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY13nKi...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FY13nKi...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA1NjU4NjU4MTQzOQ%3D%3D&google_push=ASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA1NjU4NjU4MTQzOQ%3D%3D&google_push=ASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9FX-t6IToBx_6OUmCNSXdqAhl1vBUPM

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA1NjU4NjU4MTQzOQ%3D%3D&google_push=ASkJ3FY13nKi6smQucG5muVHqVDEO8QefjNTdNUQ5Q1boZiQSjvH7o5rMwY3x2SQNl74D9FX-t6IToBx_6OUmCNSXdqAhl1vBUPM
pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 174D 43 B
356 B 147ms
47ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEE8bz1ye7telziGERQXiNV4&google_push=ASkJ3FZTav0dXScs84ybcdo7BvdCj44COBSTKxcbJsBCQjLQUKmi4v8CC1R76noijeOi5UO2_dCQqVyvogXIaUQT3ucOcYBHExLI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 174D 43 B
351 B 145ms
45ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIgi70_1MGcD9oWXaXBOrnA&google_cver=1&google_push=ASkJ3FaJD-6s9LpU7ONt3DfV4Kkb07TAuvCqYStcVLLb9fEAwMjlDgAa9JnVRAmowpkyeBs4sp8N3QTyJ5-C_3m5csgjlWMFyAGN
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=3789639019&pi=t.aa~a.3148241678~rp.4&w=799&lmt=1669638557&nsk=1813271d&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=0&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0%2C799x581&nras=3&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=4224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZTtTwzImdr&p=http%3A//globalnews18.in&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ij2ajbat8ilbr7egjl9b602dc8g0vu56

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 174D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaT-DtNFMhX93sht4oh4hFVI0v6xHPHMFEz7tc0XUBVFkkGkfTQBfTpOtQkwSlKjDofzGGSpHJ_ckddRcf7vaSVFmIjPTBB

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaT-DtNFMhX93sht4oh4hFVI0v6xHPHMFEz7tc0XUBVFkkGkfTQBfTpOtQkwSlKjDofzGGSpHJ_ckddRcf7vaSVFmIjPTBB
date: Mon, 28 Nov 2022 12:29:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 174D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBTxf4k21qe0wLtG5DFf5aQ&google_cver=1&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4D...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9TVzMtMTQtTE1FQw==&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4DYBPxghKt5vatLf0Uo3ZJLnYN0

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9TVzMtMTQtTE1FQw==&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4DYBPxghKt5vatLf0Uo3ZJLnYN0

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9TVzMtMTQtTE1FQw==&google_push=ASkJ3FYGHUKUnQVKwBLYZGOjTFXZA2YvGi0TDI5eJS78SN7JwJ55FB2R3XSIwhhcbLjovu0Vg4DYBPxghKt5vatLf0Uo3ZJLnYN0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 174D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FbLiprIkMFcH8PpUN7DiFUh_xVuOAK92...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FbLiprIkMFcH8PpUN7DiFUh_xVuOAK92d3ucvhJ5MYHK2MSCppGkM3IOGkGQbltcMZ4zwbjYO5GwAf-3oqJvWqEf2cZVttZ

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehP687uHfT28Y%2B5oI7NkoWfjJRkvdBWJ58YYh49z6XTRxA4qQvEa2ANX%2Bvl0ulhalWCB9%2FCeTPrGisX1nyQZecNdFjeJqiUmuQMkxvJyGKnNGXmlTVbfrRFV5cLsQemJDaDe6FuzEC%2BG8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEChG0COfI8mFvIFWUTEtcS4&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FbLiprIkMFcH8PpUN7DiFUh_xVuOAK92d3ucvhJ5MYHK2MSCppGkM3IOGkGQbltcMZ4zwbjYO5GwAf-3oqJvWqEf2cZVttZ
cache-control: no-cache
cf-ray: 77131bbebfdb912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 174D 0
12 B 50ms
48ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3eOadFMF59a9l4wQcrj0_7YVZH80pGEypEVbPU3bARxXO5l_lAtzwkgpEegxfXGEvjAXu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
expires: Mon, 28 Nov 2022 12:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame AE1F 6 KB
672 B 142ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:29:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE1F 6 KB
672 B 143ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 11:39:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE1F 35 KB
14 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE1F 154 KB
47 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame AE1F 23 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE1F 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:12:01 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AE1F 18 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 12:22:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AE1F 0
0 45ms
45ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCp1Hqkb0H_naLkAEMYOnR1UCu0gGBNbU-3G4ODMdDXUYAgjqSTj7v2OO0h6gE6EvPsW3dXvtboAfyCQTzgvXp9ddGpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4080413104827511245/ Frame AE1F 42 KB
42 KB 106ms
106ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4080413104827511245/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgUQ-AIYASABLQAAAD8wzwU4-AJFAACAPw&rs=AOga4qkeQbE93XYDb4fTVnkAJTuRTsCRWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb0da82fce505792f8a8ad061253ad42853e285ae1b391e9fa8a5fa84d2bedf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42895
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 17:01:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Nov 2023 12:29:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE1F 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDlUenamEY_7aE4rT6gSW-4HwA7Xrys9tsavbiPcQnriItoMDEAEgpMjAkAFglYKAgJQHoAGV-LL0KMgBBqkC5k5SORi9sT6oAwHIA8sEqgTYAU_QYpGzJ4fIaltJCbX2meOO7B06SteRlnA-qjdnLPVkGyXvF-H47bwD1peRuml03fjeVPHQtoMKYHXCOVyuuP2nbXaUocmlIkNW509V-WYtpWPBZ2ULt1HZDpFZf2powoD3NXg7wmjaLNMfh2u5_9Q20IWmGSD2MbOPV2ZNks5CSIeOQz29fZx_vPiolRcGyECv6klSnlZZ4IzwO9HieuDlkabFr-f4fLOHmddbQI1tiyGy8fFL3TQw7B-VSf82apJ8RFj4ev04ccqknC4c4A_vhpamstRs28AEnv6LsZoEkgUECAQYAZIFBAgFGASgBjeAB5Wwg9QDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2q1Y0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzMwOTMzNjM1MTAzODQ4MRgA&sigh=UQdaNhzv6GE&uach_m=[UACH]&cid=CAQSOwDq26N9X1lLo7Q2JkTdQ_tD3CPndY8EtaTuxvaPS7js7ri0ZPLcthG1DJz-w_0oQmJNy2FU1EdjzpNvGAEgEw&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 12:29:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1249 143 B
166 B 39ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 04A2 1 KB
643 B 42ms
40ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Mon, 28 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE1F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d45bacbc12a5cd718051e9aac6d5028ee86ac741494060497a8ba43b22625950

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE1F 16 KB
16 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 404333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:10:25 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 364F 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 07:57:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKOxNXZh5cazUhXprJyAYdY&google_cver=1&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2b...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2bgC_09BdnWn5BL52jbTgBdkYuU-vmyZZJ1iLp2oKSYc-A&google_hm=J9ZJb4Zgu_...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2bgC_09BdnWn5BL52jbTgBdkYuU-vmyZZJ1iLp2oKSYc-A&google_hm=J9ZJb4Zgu_jWGDhsr16qog

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FaJCwkfQuBwGyVwM4LPZK5tIokhx4_Ov7jtkCv-aId9msm5Zy3l2bgC_09BdnWn5BL52jbTgBdkYuU-vmyZZJ1iLp2oKSYc-A&google_hm=J9ZJb4Zgu_jWGDhsr16qog
pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 04A2 0
98 B 132ms
46ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FY3-EMx-nKHvzQ2SVT6kKFY4_rIx8pc-fxGJEYunYDvUr9Zb3etQQuLxhO2DvQ0icalQmMGwEMxyk2-Se3ZlknC9FBbpLO1kw&google_gid=CAESEPJ3NyuzFuTk_659UIdwtzI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYuNfcU...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYuNfcU...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA5NjAzNjg5NjI1Mw%3D%3D&google_push=ASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwV...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA5NjAzNjg5NjI1Mw%3D%3D&google_push=ASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwVS-YLLbkxi0CDjwGYVSJZCQ5nlL8cMm2Q

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxMjI5MTgwMDA5NjAzNjg5NjI1Mw%3D%3D&google_push=ASkJ3FYuNfcUyW-nI0L4wQ58xyNuNC7pO0QxUjBGztkGHptCh-EsX8Dv5lRxUupI9b0UwVS-YLLbkxi0CDjwGYVSJZCQ5nlL8cMm2Q
pragma: no-cache
date: Mon, 28 Nov 2022 12:29:19 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 28 Nov 2022 12:29:19 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 04A2 43 B
64 B 90ms
49ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJ60cJSKCUiH55Sq2Ze8fCQ&google_cver=1&google_push=ASkJ3FZ7CAEzSJpqLM2n1jeMkfxKpHEJzu3mQ7mvpm2ZD39aRuSHonswnzNuntvnbTQXZWrwHLaJ0zqMfrLIEhz65Mi3AT7E5asC6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sgpbubua48kvgaqlp2hovvtnu8nhpspg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY0btzw4RDMda3mS6T6GjvppWT8Ohbqpqhf20qT7xnkaLJZXl1c5WZGu9FsjPnw9ZCNa9E41YvQqdvOutDroC8Tb9dojIzNrw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gz5C-YXNTnmRF7r_BlIuLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY0btzw4RDMda3mS6T6GjvppWT8Ohbqpqhf20qT7xnkaLJZXl1c5WZGu9FsjPnw9ZCNa9E41YvQqdvOutDroC8Tb9dojIzNrw
date: Mon, 28 Nov 2022 12:29:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLKFPWHw3RWYuWQSLLK_EY&google_cver=1&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9UMFctMUYtSlJHMQ==&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwypG0s8wM2poh0MLelKX7nWBODmdg

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9UMFctMUYtSlJHMQ==&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwypG0s8wM2poh0MLelKX7nWBODmdg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwUk9UMFctMUYtSlJHMQ==&google_push=ASkJ3FbK0NxntyqoFbIFurZaoa9SnfsaD5a981PRSmtaRVrxC7NE58MvYJyMerG0zyQRxFAHRwypG0s8wM2poh0MLelKX7nWBODmdg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04A2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FZI8iJLjlX9q2drVKFETH_amK5Xt3kST...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FZI8iJLjlX9q2drVKFETH_amK5Xt3kSTcx6IZ7RQRkYGNb3XUWA_qljH-8V1p1dzi2QcrWN2xX2Gw62x1xlTFu5DoNxn-tzrQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkd0hAhwx2UDJRjjyqJzTuU86Ql5qeoTlDH%2BuZYB60n4MbnzwBozt42Hp0ALL6CWps7VQ6a3WLi7PRNRodSUAbzgkvqNZldoQAR28VEZKeWBzWuVc8sr2LZHvJvh0uqWdvxatMfXBj7BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBrWS4LGr63lQ4uQoBrLR5A&google_hm=Y4SpnbkEP4DD1sYNj6ks7gAACEkAAAIB&google_nid=index&google_push=ASkJ3FZI8iJLjlX9q2drVKFETH_amK5Xt3kSTcx6IZ7RQRkYGNb3XUWA_qljH-8V1p1dzi2QcrWN2xX2Gw62x1xlTFu5DoNxn-tzrQ
cache-control: no-cache
cf-ray: 77131bc02c36bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 04A2 0
12 B 47ms
44ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKGpYeZfas3Q6C4ri042z07kvVO4Yh94kalagoWSheWDJRLBqH_BOPby7I-L0N6YQNDMtf

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1249
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
expires: Mon, 28 Nov 2022 12:29:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
85ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

286dd53ca3c1793ec45c41fe3bf689d146882422a15a985089fa81e26e995f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11092
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D55 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7309336351038481&output=html&h=581&adk=306670146&adf=943040441&pi=t.aa~a.1500148137~rp.4&w=799&lmt=1669638557&nsk=2199eec3&rafmt=11&pwprc=6230483718&ad_type=text_image&format=799x581&url=http%3A%2F%2Fglobalnews18.in%2F&host=ca-host-pub-2644536267352236&pra=3&wgl=1&fa=26&dt=1669638557255&bpp=1&bdt=2429&idt=-M&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7283c3079058955b-224b72799dd70004%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag&gpic=UID%3D00000b894dd6332a%3AT%3D1669638555%3ART%3D1669638555%3AS%3DALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ&prev_fmts=0x0&nras=2&correlator=954368420226&frm=20&pv=1&ga_vid=233162662.1669638555&ga_sid=1669638556&ga_hid=267565486&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=1871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070968%2C44770881%2C44779077&oid=2&pvsid=1235978971488900&tmod=1237824282&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=sUem1ETCef&p=http%3A//globalnews18.in&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 07:57:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 12:29:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D6A 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:16:32 GMT
expires: Tue, 28 Nov 2023 12:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F499 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4445b2bbc2c9473f23e4a2c66dd123368cc597acd5b3789e0ee016c670d7043

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-amgv3UfGyXYQfYsQwk51QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://globalnews18.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-amgv3UfGyXYQfYsQwk51QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:29:18 GMT
expires: Mon, 28 Nov 2022 12:29:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26DA 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRjmLzv_pJGF_J84n_lfyJ3Uk-ysRhz4nznqkj_f-SXH0vTSimh8LF8g1wMv3MIacNQsv9RWTJCQS9VyuYrRiDtAeXHBkJ0DUxbF3IDFbJ0tyNpIAWYBtmuv9b1cpKO5Blv7zOeg&sai=AMfl-YRdFN32SWJkvGqjeFSkNTXoNDxJjvc5iVVnqkkZTE5lEATD8TZcsntnaafRoGl2LhnJOoZ6MU3U-LiAFzE&sig=Cg0ArKJSzKYThNyxcOzEEAE&cid=CAQSGwDq26N9KvHZf9wIh_HO5ZMyBWhzRi7AL6obvRgBIBM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=605,1000,1000,1000,1000&tos=605,395,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669638557352&rpt=605&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 12:29:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F499 0
0 72ms
70ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1235978971488900&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D6A 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 07:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 07:57:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D6A 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XXHZpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 12:29:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1235978971488900&bg=!MDOlM3fNAAbvMpMzzzI7ACkAdvg8Wh8xFPy1PYEdcaKQcthm4x03bn4Akl3nbX2SjZlIqJaM0uaxsAIAAABNUgAAAARoAQeZAqIX91oV8f5B7-77C3kXgThxXu7LAR1Vfc6zdD1VfpEDDlHNPNdgeDEQNS_N6av6R1-GzxyVBmDeRn586vgaIwU2UVulEvttnbrslRhAZabab6MAeVpOi8sTErCpxLqA9qrJ4dTwCMBTJ_iRd0AwbFasKsvs4o9sl4yrrUoCNQR0K69VYC5uX-H7PZGcm4tqpVWWzUkjT0nzIJg5ViYnFcsIhbomnLaCmFv_ERPA0ZigIhHH1rRnIb6TVSjD_X1n4YNxAlhNDcVdlSCooh_DFQWktsLI_V1vyVyXIVW3u5MtSGbzdztzsbpOhUGFbL8q6J3XG2JeWom2UdI2_OWwp1ZwnVBgNQ7bwK6NSa3NwAVDn5u0GtB_ijKieRQP46_s970gEJEo8BmnVKITa3Y0rE1XA4SzQpdHax2M1DCGYCBwk-VKZtWn0DgnRf5uGQeyekLRr4n3wmeP6FCIHPQ2oQRWuLai7trzRMYD3rn8jltjOMBxX8wgHqMT2Vn4xSlVqAqkuvvuKfzOFk254fWELIJqCQk6kAEW8OUIh6FFJ_Oo6yx2EWBIdxN-YUHm4Ab4LP-kTWnr34n67j77dWf4gL6uNJ730Bb1sbt5zUIL43xP2cGonTgjKHAXiAYnFUD9NKraFzbyz3eN4nPKEVdtxCylGInpuVDKYoam8IHod4lNL0r1fZXL_xhbewhPMsXUKdddvjpn5pANK05fh7jjgx7QXtloh6r6To9_sX_GeCmZW-F1lX02BhePK_vgIkJNuIeKC9W4GL1vOAcOkiKRnEu__2ydXiGUCRbqk2LZ5Q0ew06HvXoE0et6kiZcKOIMGCXNB0_1bYphoB1Nh9wVQbXdn6u-03ouf2W0qoFskqA7sj6sYNyePZ_NP5umrQd-4--xAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://globalnews18.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.globalnews18.in/	1970-01-20 17:23:18	Name: _ga_D2YKRE48J3 Value: GS1.1.1669638555.1.0.1669638555.0.0.0
.globalnews18.in/	1970-01-20 17:23:18	Name: _ga Value: GA1.2.233162662.1669638555
.globalnews18.in/	1970-01-20 07:48:44	Name: _gid Value: GA1.2.2089359347.1669638555
.globalnews18.in/	1970-01-20 07:47:18	Name: _gat_gtag_UA_232400953_1 Value: 1
.globalnews18.in/	1970-01-20 17:08:54	Name: __gads Value: ID=7283c3079058955b-224b72799dd70004:T=1669638555:RT=1669638555:S=ALNI_MaKhO2tAZHpfSCwFOz6OlhfHuzWag
.globalnews18.in/	1970-01-20 17:08:54	Name: __gpi Value: UID=00000b894dd6332a:T=1669638555:RT=1669638555:S=ALNI_MZfdZ6bDHBb4SKuKC_yIpv2lAMXVQ
.casalemedia.com/	1970-01-20 16:32:54	Name: CMID Value: Y4SpnbkEP4DD1sYNj6ks7gAA
.casalemedia.com/	1970-01-20 09:56:54	Name: CMPS Value: 2121
.casalemedia.com/	1970-01-20 09:56:54	Name: CMPRO Value: 2121
.adnxs.com/	1970-01-20 09:56:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$l!Yr)!]tbPl1M>e)ZlrFUfJ+tGXvWBD#nOATaL:nDW[5pDAKgeHo]y=]5-R9TRO+D3If)y3KL9D3I?*vVQFX@
.adnxs.com/	1970-01-20 09:56:54	Name: uuid2 Value: 821732830734607404
.doubleclick.net/	1970-01-20 17:08:54	Name: IDE Value: AHWqTUlBlN3URw2QyzHXkGuiXNtwLzddzqUBJKga0Ot1bHvm5LbBSBfNsyl16H0Q5Mc
.quantserve.com/	1970-01-20 09:56:54	Name: d Value: EGgBCQHXJ4EA
.quantserve.com/	1970-01-20 17:17:32	Name: mc Value: 6384a99e-78eb8-0eb7f-63b9a
.pubmatic.com/	1970-01-20 07:48:44	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-20 07:47:22	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 09:56:54	Name: KADUSERCOOKIE Value: 833E42F9-85CD-4E79-9117-BAFF06522E2F
.e.dlx.addthis.com/	1970-01-20 17:17:32	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 09:56:54	Name: CMTS Value: 2190
.addthis.com/	1970-01-20 17:17:32	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 08:30:30	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:30:30	Name: na_sr Value: 20221128
.dlx.addthis.com/	1970-01-20 07:47:18	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:30:30	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 17:17:32	Name: na_id Value: 2022112812291800096036896253
.addthis.com/	1970-01-20 17:17:32	Name: uid Value: 6384a99eaee70396
.addthis.com/	1970-01-20 17:17:32	Name: ouid Value: 6384a99e00010e313712dad0b7ba793cd9b51a45e782114b46be

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FY3-EMx-nKHvzQ2SVT6kKFY4_rIx8pc-fxGJEYunYDvUr9Zb3etQQuLxhO2DvQ0icalQmMGwEMxyk2-Se3ZlknC9FBbpLO1kw&google_gid=CAESEPJ3NyuzFuTk_659UIdwtzI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
globalnews18.in
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.76.200.221
134.119.218.58
142.250.181.226
142.250.186.162
172.64.154.237
185.64.190.78
185.80.39.216
185.89.210.90
2001:4860:4802:34::36
2606:4700::6812:e134
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2008
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
34.98.67.61
35.186.253.211
35.244.174.68
69.173.144.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02afd1162542e3ac4fa9e3a3cd7b3c9b552f30a274e34fd5da7b2533192b9c00
047191068f968fc097c17373538842db15424538e787364b06ae45766e444eb6
09e0b0ef353adc055d0c59fbfadc883cc6cf9d2e7a923ccff3db6d9235123f7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6fc085d89824e247b8a8bf901aec4bb2dc0d20d6b9d343debc33ed6309f516
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14994e66f3bfbb683584b6366cbdc25ec6c1d988445edf1511e8228d54314f8a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
2188dace2c6937cf7aae62249d33edcb61a13e7470de49398c31aafb1a52f53f
286dd53ca3c1793ec45c41fe3bf689d146882422a15a985089fa81e26e995f0c
2baf5293971a6ee7bcf4d6efe6a20e9a4e39c6b6da7933eafd8e7a62b380d0cd
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2fb748eaa5e4d3796ad6d387e9994e82ca9c6259b2441c47770b48e7dc08216f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
3b30a036c9441cb8e94a7722ecda58620153b3014ae85b37ed34f796c4aa8ba0
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fa3579291144f224e0680a0f30f3d3c627f4c8825ec9fab32f3a13ae935f60
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
617987cfcaeccdc52b6e9617a307aa1f96c9773c8284047475bcdeb320ce29fe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f335660f075981bb795657514c44aada2d9759e5c6df150cba6582cc1aff74
64ec59fb0df50c830e023c4f32ff0235cb6e48b6d10d8285b700d8084512365a
661f3e96c72b127e61cbdc4ab8199ae1462b627947be45607600517f62190a9a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
730d638bfcb45de0dea243da354a54f2d53144815096e32cb2fe53fc20ca7c87
74d4330148432b4d2cb33b29fda64b4aeed403d413ba88a0839ba83ea84fb1d5
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
804392b27c6b889e295c78fe19d833b3e008d6bfbddc0f5bb0d9e68b84e746cd
8204614997920fdce6bb860f4a25f632696e0ecc51a710e4d28efd00ccb9677c
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8911f50f94b85ddf865720cb3478201c8bee7b9ced925db3a099beb1e91b6cad
8c60f1a63c631bc27ab78f004b50a0b5c4ddb971e7f14f6a3b55d51ec364ef73
91c2d4b8227a7a584517e26b4d966bef620797744a87dcc0d603f6e5f34061f6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b21a916c4a5f1a41d88771423591e00d850b3aac5227ad16567002d626514f4
9c993ab957b4b88dd3ff815ccab1d77d885d6e1ba0a8f71dc5ba2fdd2ea2012b
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a82e9bbc53dabf26a2e0aa61a301e8a7b5438a86679820250923d74c6ac241d5
a931894a43b05d87b68401096264811348f68d093ae065a669a3899903a8399a
ac36cc3ca01b777cd0b5f40724a6b47ca0330afebff3ae8305279657f8aba02a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b069fcfa1d6f12e020d870473a5b9ca2104a7ae63c237b8b80fe6fb7d83ba250
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b725f35e308def4736aad3486c46c935a0ae3699b5d7c6841e0ec12bb1b82149
b753596c0fdc3e3a89de9f55da59a977bb0a2c7d283a65200b8be041dd0dc581
b9d17f73abf931768b3843eab00db6d0017a7801a0843d3f9249fa9e2c057758
bec5be05b7f0f25e8010b06aab95e1fdfd88c1876297c9b99b11f55fa6e5c15e
c2095f37ffd6f4083fdfb798ce9ccfa989e28401997a9cb6bd0e8c8e0af82ddd
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c35a4c898a02eb28ea0f7585fa6d02d03e222dfee7b65722b617ec76b71520a2
cb82a1248272de94c2343fbd363aec666c162271d2491039636a1132b0eb4aa6
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d45bacbc12a5cd718051e9aac6d5028ee86ac741494060497a8ba43b22625950
d59f582e40beffda5a91a43d77f0358d65f62790f0376f071df63ac18eb7a73e
d5accafd0a2925cb9643f69178ca986e2da7c965074b6e53af9e8074fcea4a6d
da42dfe0d8b39a3eb319dd568fa04f7f0f46fc2fdd5a93679de554ae79ae060a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a0668cde46f12b00b38fb7332aa8f2e2d5a3aa8b7fbbdd454bf6fb63528a11
eb0da82fce505792f8a8ad061253ad42853e285ae1b391e9fa8a5fa84d2bedf9
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4445b2bbc2c9473f23e4a2c66dd123368cc597acd5b3789e0ee016c670d7043
f80d1f02dbd18037cb448f2c495167f0e8fbc24fe49cf4a22978a2f0ff5a6934
f9d19dad2735ab61ad8b8163896814cbb77a8bbfb7282a0bd6873eb4b30f631d
f9e387d5e4df78a6e51b677bc7e1e84729a28f9dfdab13cfa23f17a6b0555fe9
fc0db3ac0b6fddade328fa2531cb45a51742ed34c6b25e1b49c06b0db83edf78

globalnews18.in Open in urlscan Pro 134.119.218.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

133 Requests

83 %HTTPS

54 %IPv6

22 Domains

29 Subdomains

23 IPs

5 Countries

2142 kBTransfer

4757 kBSize

27 Cookies

1 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

globalnews18.in Open in urlscan Pro
134.119.218.58 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

83 %
HTTPS

54 %
IPv6

22
Domains

29
Subdomains

23
IPs

5
Countries

2142 kB
Transfer

4757 kB
Size

27
Cookies

133 HTTP transactions
3 data transactions