upbhulekh.landrecords.co Open in urlscan Pro
65.20.70.212  Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response upbhulekh.landrecords.co/	37 KB 8 KB	776ms 292ms	Document text/html	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash e255fc52e0bb1e3a0dbb39943058f49ba5fe2ad7627c30d9acea8a4a5caf84ae Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control public, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Mon, 01 Jan 2024 08:43:00 GMT etag W/"9431-Ok7O1x4PKgDJsAGfHybsv6HxQeM" vary Accept-Encoding x-powered-by Express
GET H2	200	Mukta.woff2 upbhulekh.landrecords.co/assets/	132 KB 132 KB	232ms 231ms	Font font/woff2	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://upbhulekh.landrecords.co/assets/Mukta.woff2 Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash ff7ee9f632cdcd531601573468b2124c0aa497bb764e6eca15596b5b558a5d6d Request headers Referer https://upbhulekh.landrecords.co/ Origin https://upbhulekh.landrecords.co accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:00 GMT last-modified Fri, 29 Dec 2023 06:35:59 GMT etag W/"21024-18cb44969aa" x-powered-by Express vary Origin content-type font/woff2 access-control-allow-origin https://upbhulekh.landrecords.co cache-control public, max-age=31536000 access-control-allow-credentials true accept-ranges bytes content-length 135204
GET H2	200	post.css upbhulekh.landrecords.co/assets/	8 KB 2 KB	823ms 822ms	Stylesheet text/css	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://upbhulekh.landrecords.co/assets/post.css?v=606d6c6e8e Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash 2c68f742f2d240c6a6b7157efab110861a19620bfedecf5bdd7fcc6dcdb6dda2 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:00 GMT content-encoding gzip last-modified Fri, 29 Dec 2023 06:35:59 GMT etag W/"20d8-18cb44969a6" x-powered-by Express vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	footer.css upbhulekh.landrecords.co/assets/	2 KB 842 B	822ms 822ms	Stylesheet text/css	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://upbhulekh.landrecords.co/assets/footer.css?v=606d6c6e8e Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash e804b458aab0ad4855fe5ffaf02a107be66cca92aae34aff1e16b618e5ce39c6 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:00 GMT content-encoding gzip last-modified Fri, 29 Dec 2023 06:35:59 GMT etag W/"797-18cb44969aa" x-powered-by Express vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	125ms 60ms	Script text/javascript	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3923769052753359 Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e915c87370cd90d3c074530ea65c0de3e3f228c0be9b90c1cf9f733e614ab818 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://upbhulekh.landrecords.co/ Origin https://upbhulekh.landrecords.co accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:00 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51246 x-xss-protection 0 server cafe etag 8002648279736568097 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 01 Jan 2024 08:43:00 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	399 KB 135 KB	134ms 71ms	Script text/javascript	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3923769052753359 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137916 x-xss-protection 0 server cafe etag 1916131603004031834 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 01 Jan 2024 08:43:01 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame DCF1	9 KB 4 KB	100ms 32ms	Document text/html	2607:f8b0:4004:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3923769052753359 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://upbhulekh.landrecords.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 39333 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 31 Dec 2023 21:47:28 GMT etag 5585625838579639069 expires Sun, 14 Jan 2024 21:47:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7647	603 B 67 B	52ms 52ms	Document text/html	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3923769052753359&output=html&adk=1812271804&adf=3025194257&lmt=1704098581&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fupbhulekh.landrecords.co%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704098580995&bpp=7&bdt=195&idt=264&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5709117198398&frm=20&pv=2&ga_vid=397124278.1704098581&ga_sid=1704098581&ga_hid=1685532249&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31080104%2C95320884&oid=2&pvsid=3488070227272580&tmod=1192142932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://upbhulekh.landrecords.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 01 Jan 2024 08:43:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	Screenshot-2023-12-28-084257.png upbhulekh.landrecords.co/content/images/2023/12/	625 KB 625 KB	234ms 233ms	Image image/png	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://upbhulekh.landrecords.co/content/images/2023/12/Screenshot-2023-12-28-084257.png Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash 636d391a091753c1c36339eff75531a9f1355b345aea24c2cd32547fe52eb010 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT last-modified Fri, 29 Dec 2023 03:58:04 GMT etag W/"9c33d-18cb3b8d82e" x-powered-by Express content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 639805
GET H2	200	Screenshot-2023-12-28-113221.png upbhulekh.landrecords.co/content/images/2023/12/	91 KB 91 KB	666ms 666ms	Image image/png	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://upbhulekh.landrecords.co/content/images/2023/12/Screenshot-2023-12-28-113221.png Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash 8105b3b6583600cb492ffaac7e8df1b06ad27565f5c95406df2190bf9435daa5 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT last-modified Fri, 29 Dec 2023 03:58:17 GMT etag W/"16aac-18cb3b90933" x-powered-by Express content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 92844
GET H2	200	Screenshot-2023-12-28-113514.png upbhulekh.landrecords.co/content/images/2023/12/	72 KB 73 KB	747ms 747ms	Image image/png	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://upbhulekh.landrecords.co/content/images/2023/12/Screenshot-2023-12-28-113514.png Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash 4e40ab12cc4eae6c9218afd08de142dfbe9e9989575ddd48d67a4844de64a306 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT last-modified Fri, 29 Dec 2023 03:58:29 GMT etag W/"1219d-18cb3b93828" x-powered-by Express content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 74141
GET H2	200	Screenshot-2023-12-28-114558.png upbhulekh.landrecords.co/content/images/2023/12/	29 KB 29 KB	860ms 860ms	Image image/png	65.20.70.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://upbhulekh.landrecords.co/content/images/2023/12/Screenshot-2023-12-28-114558.png Requested by Host: upbhulekh.landrecords.co URL: https://upbhulekh.landrecords.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.20.70.212 Mumbai, India, ASN20473 (AS-CHOOPA, US), Reverse DNS 65.20.70.212.vultrusercontent.com Software / Express Resource Hash 2ec96a7834e1645ef527b9fb98f1f0ac9fc8fce438cea1dbec8ea8c84956192b Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT last-modified Fri, 29 Dec 2023 03:58:41 GMT etag W/"73fe-18cb3b965b8" x-powered-by Express content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 29694
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	64ms 63ms	XHR application/json	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash deaae3e6eedc794ce69ae8edfaaf0e3117b3502ce52d58d02c30b01b3e39a1c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12186 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	97ms 32ms	Script text/javascript	2607:f8b0:4004:c1d::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 01 Jan 2024 08:43:01 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6510	13 KB 5 KB	36ms 31ms	Document text/html	2607:f8b0:4004:c1d::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://upbhulekh.landrecords.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 4476 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 01 Jan 2024 07:28:25 GMT expires Tue, 31 Dec 2024 07:28:25 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F037	829 B 1 KB	111ms 46ms	Document text/html	2607:f8b0:4004:c08::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::63 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 942e3f34ed4f381982317d841b1256aa3c9dba5abc51b97158d2f75ece47385e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UrF9Of9942g-dUVPWWUN7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://upbhulekh.landrecords.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-UrF9Of9942g-dUVPWWUN7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 01 Jan 2024 08:43:01 GMT expires Mon, 01 Jan 2024 08:43:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 6510	39 KB 15 KB	33ms 32ms	Script text/javascript	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sun, 31 Dec 2023 20:20:57 GMT content-encoding br x-content-type-options nosniff age 44524 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 30 Dec 2024 20:20:57 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F037	0 0	47ms 46ms	Image text/html	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3488070227272580&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 6510	0 10 B	31ms 31ms	Image text/plain	2607:f8b0:4004:c1d::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?uHQ5KQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 08:43:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	53ms 52ms	Image text/html	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3488070227272580&bg=!xMelx4jNAAY3kmNgF5I7ADQBe5WfOKOI0TSNO6clxoEmEdrE7PxHRciWNG4WHezHjk0wbCyRQ6FRn5PC0TKDJ80bfDteAgAAAKxSAAAACGgBB5kC8VQHVTgeotW9bGWNRCjKlp2Qm6F6uZ2e7lJYG6UceQ5ozODxdAyyxmy5S0pEAqQXI5AsA1l5KPtw1G3mvSepYHTz87irf9nOhHokn7l6sXLYD4zUr97E5c1H1lauDoZX3i1T_z1frUKaMN04oC9FK5LspzI25cnk8rJLQ_ePtpIa0lKd-ppP3-VQQOnKUpQWS4g5yOLx0hBWJ9kEJ8T60xulYhrWCp38U0jy0FhKaDoPGXXAyIjyk06czQuvuyZ1El_g55zmqeiUeXExBCbO1ZaYnJ91o7XFIoWGmuhZpMk0_hm-QvQzk8MGvQjpQMcowAvBdbiZ-8UMGji387GI8Bv1dPVcfVCZm_Ug3jrHskyb6REtvha4cKbiIaVvELMIFfLKl322c0aVJu6aumdARQey-KkNoKFvvqQqpBBZEeKL2XB6OyCKgxxoccuJEvOZrX2Po-2c7xTrRjXOAtSulpPECc0sQBLHKX3xQMBJJ92TpaO5WOWnRgOcsBWthFGY0yka1WnzMMbTwZ6pvAdtPYnZhl3gpjxtNBaoecQS-tD6XuJEPaqgCrfToRXVkzZt7y7nIuJkm9toriwqBHV-UjjRU_6koThmtWzloSO80wPZSHuraEqTgsmXDTdkDANGkOmMYg0S6ivNbblU2uXHhDuP9DHTTuyE76eTqCVImhPXYGlUXqgngIhiy9Iz2yVVCppkU6rsf-_L5kcKCnKP4jZX8XbLbaTqBmVknILOGuDGIbQEAVYBo1FqSQ9a38wNaRe4S6xpGtK7PUA3iMDsosPSpctFs-vq4BjFZ8K7tMrVGG40moYxweP_Q_hesjZTajptqTqNG6ElYtpoKQShg3ydpLltxuXb3EO0b1TcQMvWIjdBibBFD1eJYRHjdNkqPczbPmjnrudk-Bbc-t_M_c7500Q9m2-mQ3RwAKRVKrX80W-G4pp6jolQxaZhVoMITqL7VrEZKG1PxVnoJ9Ex43XAHJQ221ienQ57ivCciQMFLA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://upbhulekh.landrecords.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 17:21:39	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3923769052753359&output=html&adk=1812271804&adf=3025194257&lmt=1704098581&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fupbhulekh.landrecords.co%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704098580995&bpp=7&bdt=195&idt=264&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5709117198398&frm=20&pv=2&ga_vid=397124278.1704098581&ga_sid=1704098581&ga_hid=1685532249&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31080104%2C95320884&oid=2&pvsid=3488070227272580&tmod=1192142932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
upbhulekh.landrecords.co
www.google.com
2607:f8b0:4004:c08::63
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c1d::84
65.20.70.212
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2c68f742f2d240c6a6b7157efab110861a19620bfedecf5bdd7fcc6dcdb6dda2
2ec96a7834e1645ef527b9fb98f1f0ac9fc8fce438cea1dbec8ea8c84956192b
4e40ab12cc4eae6c9218afd08de142dfbe9e9989575ddd48d67a4844de64a306
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636d391a091753c1c36339eff75531a9f1355b345aea24c2cd32547fe52eb010
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
8105b3b6583600cb492ffaac7e8df1b06ad27565f5c95406df2190bf9435daa5
942e3f34ed4f381982317d841b1256aa3c9dba5abc51b97158d2f75ece47385e
deaae3e6eedc794ce69ae8edfaaf0e3117b3502ce52d58d02c30b01b3e39a1c6
e255fc52e0bb1e3a0dbb39943058f49ba5fe2ad7627c30d9acea8a4a5caf84ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e804b458aab0ad4855fe5ffaf02a107be66cca92aae34aff1e16b618e5ce39c6
e915c87370cd90d3c074530ea65c0de3e3f228c0be9b90c1cf9f733e614ab818
ff7ee9f632cdcd531601573468b2124c0aa497bb764e6eca15596b5b558a5d6d