ciso.economictimes.indiatimes.com Open in urlscan Pro
2a02:26f0:3400:293::3126  Public Scan

Submitted URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Effective URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&re...
Submission: On October 20 via api from IN — Scanned from DE

Summary

This website contacted 36 IPs in 4 countries across 23 domains to perform 142 HTTP transactions. The main IP is 2a02:26f0:3400:293::3126, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is ciso.economictimes.indiatimes.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on March 9th 2022. Valid for: a year.
This is the only time ciso.economictimes.indiatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
67 2a02:26f0:340... 20940 (AKAMAI-ASN1)
3 2a02:26f0:340... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
3 223.165.28.18 55705 (INDIATIME...)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 13.32.121.21 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
142 36
Apex Domain
Subdomains
Transfer
59 etb2bimg.com
st.etb2bimg.com — Cisco Umbrella Rank: 401878
js.etb2bimg.com — Cisco Umbrella Rank: 651892
img.etb2bimg.com — Cisco Umbrella Rank: 449032
etimg.etb2bimg.com — Cisco Umbrella Rank: 247951
541 KB
24 indiatimes.com
ciso.economictimes.indiatimes.com
agi-static.indiatimes.com — Cisco Umbrella Rank: 78777 Failed
economictimes.indiatimes.com — Cisco Umbrella Rank: 53762
idm.economictimes.indiatimes.com — Cisco Umbrella Rank: 211853 Failed
jsso.indiatimes.com — Cisco Umbrella Rank: 45800
341 KB
9 google.com
accounts.google.com — Cisco Umbrella Rank: 83
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 5017
115 KB
8 googlesyndication.com
a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
42 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
132 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
www.google.de — Cisco Umbrella Rank: 6045
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
4 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
773 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
3 growthrx.in
static.growthrx.in — Cisco Umbrella Rank: 46106
api.growthrx.in — Cisco Umbrella Rank: 42767
13 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
131 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
159 KB
2 clmbtech.com
static.clmbtech.com — Cisco Umbrella Rank: 28412
ase.clmbtech.com — Cisco Umbrella Rank: 32095
10 KB
2 gstatic.com
fonts.gstatic.com
71 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 637
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1140
43 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
3 KB
1 ibeat-analytics.com
api.ibeat-analytics.com — Cisco Umbrella Rank: 43427
345 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
28 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
8 KB
1 tvid.in
tvid.in — Cisco Umbrella Rank: 46312
2 KB
142 23
Domain Requested by
26 img.etb2bimg.com ciso.economictimes.indiatimes.com
js.etb2bimg.com
25 st.etb2bimg.com ciso.economictimes.indiatimes.com
js.etb2bimg.com
st.etb2bimg.com
17 ciso.economictimes.indiatimes.com ciso.economictimes.indiatimes.com
js.etb2bimg.com
6 etimg.etb2bimg.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 accounts.google.com st.etb2bimg.com
accounts.google.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.google.de ciso.economictimes.indiatimes.com
3 www.google.com ciso.economictimes.indiatimes.com
tpc.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects ciso.economictimes.indiatimes.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 idm.economictimes.indiatimes.com ciso.economictimes.indiatimes.com
economictimes.indiatimes.com
2 api.growthrx.in static.growthrx.in
2 www.facebook.com connect.facebook.net
2 connect.facebook.net ciso.economictimes.indiatimes.com
connect.facebook.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 px.ads.linkedin.com 2 redirects
2 www.googletagmanager.com st.etb2bimg.com
www.googletagmanager.com
2 fonts.gstatic.com ciso.economictimes.indiatimes.com
2 js.etb2bimg.com ciso.economictimes.indiatimes.com
2 economictimes.indiatimes.com ciso.economictimes.indiatimes.com
2 fonts.googleapis.com ciso.economictimes.indiatimes.com
1 region1.analytics.google.com www.googletagmanager.com
1 csp.withgoogle.com ciso.economictimes.indiatimes.com
1 a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 px4.ads.linkedin.com ciso.economictimes.indiatimes.com
1 www.linkedin.com 1 redirects
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.growthrx.in ciso.economictimes.indiatimes.com
1 ase.clmbtech.com static.clmbtech.com
1 jsso.indiatimes.com static.clmbtech.com
1 api.ibeat-analytics.com ciso.economictimes.indiatimes.com
1 www.googletagservices.com ciso.economictimes.indiatimes.com
1 cdnjs.cloudflare.com st.etb2bimg.com
1 static.clmbtech.com ciso.economictimes.indiatimes.com
1 tvid.in ciso.economictimes.indiatimes.com
1 imasdk.googleapis.com ciso.economictimes.indiatimes.com
1 agi-static.indiatimes.com ciso.economictimes.indiatimes.com
142 43
Subject Issuer Validity Valid
mmnotification.indiatimes.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-09 -
2023-03-10
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
videoplayer.indiatimes.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-07
a year crt.sh
*.economictimes.indiatimes.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-11-12 -
2022-11-22
a year crt.sh
samayam.indiatimes.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-03 -
2023-05-29
9 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
colombiaonline.com
R3
2022-08-23 -
2022-11-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
npepaper.indiatimes.com
R3
2022-09-15 -
2022-12-14
3 months crt.sh
jsso.indiatimes.com
Thawte RSA CA 2018
2022-01-15 -
2023-02-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
data.indiatimes.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-05 -
2023-04-26
8 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.google.de
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
www.google.de
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.appspot.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-29 -
2022-10-27
3 months crt.sh
b2b.economictimes.com
R3
2022-10-12 -
2023-01-10
3 months crt.sh

This page contains 7 frames:

Primary Page: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Frame ID: A29AC52F5187CBB2F409ED9518388DE1
Requests: 128 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&logo_alignment=left&theme=filled_blue&width=335&text=continue_with&shape=circle&client_id=304983860261-ji4osqdlk4bjp6369rb8mpt0fghlulkl.apps.googleusercontent.com&iframe_id=gsi_380560_228282&as=c%2B8kUptBXHjYi5%2FF1my6Mw
Frame ID: 89DEB1F8F132C045A108403CEB83759F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&logo_alignment=left&theme=filled_blue&width=335&text=continue_with&shape=circle&client_id=304983860261-ji4osqdlk4bjp6369rb8mpt0fghlulkl.apps.googleusercontent.com&iframe_id=gsi_380579_299091&as=Ute8wlDteikNoo5GBB9Szw
Frame ID: 166E3ED4D474C294F456DE48847E8F7F
Requests: 3 HTTP requests in this frame

Frame: https://a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BF40DD78D4F922AED87F26AE2C8A315
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64A6B9CEEB3EB4DF03244CFD0996F31C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50B5F87578E4C60B58DC441CC63488B0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/comments.php?app_id=493378761855001&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d1f2f33a4d6a%26domain%3Dciso.economictimes.indiatimes.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fciso.economictimes.indiatimes.com%252Ff346f44d2263648%26relation%3Dparent.parent&container_width=627&height=100&href=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Frame ID: E95049C19CF4B4C09C28F36D940B7957
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

WhatsApp's cloned app spying on Indians via recording video, audio, IT Security News, ET CISO

Page URL History Show full URLs

  1. https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/947533... Page URL
  2. https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/947533... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

96 %
HTTPS

92 %
IPv6

23
Domains

43
Subdomains

36
IPs

4
Countries

1750 kB
Transfer

4743 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true Page URL
  2. https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D269194%26time%3D1666260380536%26url%3Dhttps%253A%252F%252Fciso.economictimes.indiatimes.com%252Fnews%252Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%252F94753319%253F%2526web_view%253Dtrue%2526redirect%253D1%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&liSync=true&e_ipv6=AQIRN86G8h2xUQAAAYP026zxvtkPynSewanuE7oSXj9lFuYu8T2KF3460-4NZzMQWv3vSExU
Request Chain 85
  • https://sb.scorecardresearch.com/c2/6036484/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

142 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
94753319
ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/
370 KB
82 KB
Document
General
Full URL
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
public, max-age=180
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 10:06:19 GMT
expires
Thu, 20 Oct 2022 10:09:19 GMT
last-modified
Thu, 20 Oct 2022 10:06:19 GMT
pragma
no-cache
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-cool
22.35
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block
ibeat.min.js
agi-static.indiatimes.com/cms-common/
0
0

locinfo
st.etb2bimg.com/
202 B
421 B
XHR
General
Full URL
https://st.etb2bimg.com/locinfo
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:288::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
202
expires
Thu, 20 Oct 2022 10:06:19 GMT
css
fonts.googleapis.com/
46 KB
2 KB
Fetch
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,600,700|Merriweather:300,300i,400,400i,700,700i,800,900|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 10:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:06:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 10:06:19 GMT
Primary Request 94753319
ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/
339 KB
71 KB
Document
General
Full URL
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
68cde42fd37050ecd96d87949f34f73a64742abfe396f7bf7c20363e6e98cf6c
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
public, max-age=180
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 10:06:19 GMT
expires
Thu, 20 Oct 2022 10:09:19 GMT
last-modified
Thu, 20 Oct 2022 10:05:39 GMT
pragma
no-cache
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-cool
55.32
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block
js_etidentifierv.cms
economictimes.indiatimes.com/
39 KB
13 KB
Script
General
Full URL
https://economictimes.indiatimes.com/js_etidentifierv.cms?v=1
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
content-msg
DATA_SERVED_FROM_CACHE
date
Thu, 20 Oct 2022 10:06:19 GMT
last-modified
Thu, 16 Dec 2021 10:45:41 GMT
server
Bhoot
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
x-cool
13.57
content-language
en-IN
content-type
application/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=4927032
permissions-policy
ch-ua=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-model=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-mobile=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-platform=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-platform-version=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com")
content-length
12142
expires
Fri, 16 Dec 2022 10:43:31 GMT
resolve
idm.economictimes.indiatimes.com/personalisation/logdata/uuid/
0
0

resolve
idm.economictimes.indiatimes.com/personalisation/logdata/uuid/ Frame
0
0
Preflight
General
Full URL
https://idm.economictimes.indiatimes.com/personalisation/logdata/uuid/resolve?type=7&source=13&_1666260379807
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.165.28.18 , India, ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN),
Reverse DNS
Software
Bhoot /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://ciso.economictimes.indiatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
content-length
0
date
Thu, 20 Oct 2022 10:06:20 GMT
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
jquery-3.3.0.min.js
js.etb2bimg.com/Themes/Release/js/
85 KB
30 KB
Script
General
Full URL
https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
453432f153a63654fa6f63c846eaf7ee9e8910165413ba3cc0f80cbeed7c302e
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
30351
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463521
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:58:21 GMT
et-ciso.png
st.etb2bimg.com/Themes/Release/images/site-logos/
6 KB
7 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/site-logos/et-ciso.png
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1abd88ea651bde8b1439dd6ec1be79807689cb794d96612a1eb65f503066556
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:19 GMT
x-cool
22.67
content-length
6626
last-modified
Fri, 12 Nov 2021 14:08:37 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=27741953
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 06 Sep 2023 12:12:12 GMT
default-200.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
2 KB
3 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/default-200.jpg
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
8b225e6ef02ebae8cfb985af7f12963e29b5c025f923ed4a8711d3214963b1a4
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:19 GMT
x-cool
22.69
content-length
2283
last-modified
Fri, 24 Jun 2022 12:37:43 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28826451
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:10 GMT
etciso-default.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
28 KB
29 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/etciso-default.jpg
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73cee42bc8ca5ef317327ba4bff13b7fbb69080967cc93d43f676e2b14f5c419
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
29173
last-modified
Wed, 22 Sep 2021 12:40:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28865281
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 12:14:21 GMT
sharect.js
st.etb2bimg.com/Themes/Release/js/
8 KB
3 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/sharect.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
c442c5505279ba9b8dfe6bf548b2930ace9540cc2e025fcdee7f1e5987064cde
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:19 GMT
x-cool
22.68
content-length
2853
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463572
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:11 GMT
default-400.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
4 KB
4 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/default-400.jpg
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
03b5778d4efa3226bb51c1644af6ed0bf87ae6fd3d9e86c7b7fb3baab1bf409b
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
4012
last-modified
Fri, 24 Jun 2022 12:37:43 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28826450
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:10 GMT
default-300.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
3 KB
3 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/default-300.jpg
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2dc57675634b0bb282f72edb7ced2e6fde506cefdb415f7ff05dfa3d3e147406
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
3109
last-modified
Fri, 24 Jun 2022 12:37:43 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28826451
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:11 GMT
et-ciso-footer.png
st.etb2bimg.com/Themes/Release/images/site-logos/
3 KB
4 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/site-logos/et-ciso-footer.png
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ae0565a599a56de1a6ac24b31471a92f53a741bd4b2c7c421c29a59460e4d9e5
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.68
content-length
3505
last-modified
Mon, 18 Oct 2021 06:16:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=28865281
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 12:14:21 GMT
app.init.min.js
js.etb2bimg.com/Themes/Release/js/
44 KB
14 KB
Script
General
Full URL
https://js.etb2bimg.com/Themes/Release/js/app.init.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
28fe0374b6c20216ecf826f1315de52fc80c8b34447aa3aa199d9d34e837175a
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.68
content-length
13592
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463480
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:57:40 GMT
ibeat.min.js
agi-static.indiatimes.com/cms-common/
12 KB
4 KB
Script
General
Full URL
https://agi-static.indiatimes.com/cms-common/ibeat.min.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3a5::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5175d9999434689350305aa94d1c932bd7aa76c471f9e0b14cf12a68fcc1fde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-amz-request-id
RCV5A9X0GXQCCK9T
content-length
4030
x-amz-id-2
ZP7hID1AT/3aFpn85N0dfZjxpmDuU5jn1fPHiJpTOOi2AT40zb7u6SlmdTgmnphjA+ZjqmUdMoM=
last-modified
Fri, 07 Oct 2022 07:45:47 GMT
server
AmazonS3
etag
"b89af189a2c1d0d6402aed8bdc22848c"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-expose-headers
Date
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat Oct 07 13:15:42 IST 2023
js_etidentifierv.cms
economictimes.indiatimes.com/
39 KB
13 KB
Script
General
Full URL
https://economictimes.indiatimes.com/js_etidentifierv.cms?v=1
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
fa03a0aa0825c718607bfaa226bfd6e8d903a3c637bd38a9165b31c125961510
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
content-msg
DATA_SERVED_FROM_CACHE
date
Thu, 20 Oct 2022 10:06:20 GMT
last-modified
Thu, 16 Dec 2021 10:45:41 GMT
server
Bhoot
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
x-cool
13.57
content-language
en-IN
content-type
application/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=4927031
permissions-policy
ch-ua=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-model=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-mobile=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-platform=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com"), ch-ua-platform-version=(self "https://ase.clmbtech.com" "https://ade.clmbtech.com")
content-length
12142
expires
Fri, 16 Dec 2022 10:43:31 GMT
css
fonts.googleapis.com/
46 KB
2 KB
Fetch
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,600,700|Merriweather:300,300i,400,400i,700,700i,800,900|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7c2ed8f6679fccdeede656c4c23453cea03a7732b0c1a377d16272ef3dae25c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:05:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 10:06:20 GMT
oauth.login.min.js
st.etb2bimg.com/Themes/Release/js/
172 KB
37 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
d33199a5cabfda5d0bf95aea9b5e5e29aa1e497f489ba0c7ee666992bf8ce83e
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
37399
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463619
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:59 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
380 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129648
x-xss-protection
0
expires
Thu, 20 Oct 2022 10:06:20 GMT
loader.js
tvid.in/sdk/
3 KB
2 KB
Script
General
Full URL
https://tvid.in/sdk/loader.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3a5::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1514361e78d69a4b589ec73a16169af7ce398ef324b2c66f84ccdc647440a1c6
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Mon, 15 Jun 2020 05:08:41 GMT
server
AmazonS3
x-amz-request-id
NRT7WEMNSAGFWKEG
etag
"f03fa7cfb2d8d671474b9d53fac4a0ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache
accept-ranges
bytes
content-length
1285
x-amz-id-2
hS+AbSByxEPGpdPs+jJgHXs5jtg1lcfrZdQgmNDlGMbnqg2xBNz9VsxDqADAffX/XLPzp9g7l8w=
expires
Thu, 20 Oct 2022 10:06:20 GMT
resolve
idm.economictimes.indiatimes.com/personalisation/logdata/uuid/ Frame
0
0
Preflight
General
Full URL
https://idm.economictimes.indiatimes.com/personalisation/logdata/uuid/resolve?type=7&source=13&_1666260380056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.165.28.18 , India, ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN),
Reverse DNS
Software
Bhoot /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://ciso.economictimes.indiatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
content-length
0
date
Thu, 20 Oct 2022 10:06:20 GMT
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
resolve
idm.economictimes.indiatimes.com/personalisation/logdata/uuid/
80 B
575 B
XHR
General
Full URL
https://idm.economictimes.indiatimes.com/personalisation/logdata/uuid/resolve?type=7&source=13&_1666260380056
Requested by
Host: economictimes.indiatimes.com
URL: https://economictimes.indiatimes.com/js_etidentifierv.cms?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.165.28.18 , India, ASN55705 (INDIATIMES-IN I World Tower, DLF CITY, IN),
Reverse DNS
Software
Bhoot /
Resource Hash
0272cd273e0d456906b9df7935a9e1ce1c5eb0e9fca696dd2e6063e370bc07bf
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
accept-language
de-DE,de;q=0.9
Authorization
dd14d3a96eaa1c594172030a04828aeb1666260380
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
content-length
80
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu Oct 20 15:36:20 IST 2022
server
Bhoot
x-frame-options
sameorigin
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,origin,authorization,accept,client-security-token
expires
-1
fontawesome-webfont.woff2
ciso.economictimes.indiatimes.com/Themes/Release/fonts/
75 KB
76 KB
Font
General
Full URL
https://ciso.economictimes.indiatimes.com/Themes/Release/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Origin
https://ciso.economictimes.indiatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
last-modified
Fri, 11 Mar 2022 08:37:24 GMT
server
Bhoot
x-frame-options
SAMEORIGIN
x-cool
22.36
content-language
en
access-control-allow-origin
*
cache-control
max-age=27741840
access-control-allow-credentials
true
accept-ranges
bytes
content-length
77160
expires
Wed, 06 Sep 2023 12:10:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Origin
https://ciso.economictimes.indiatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 18:50:24 GMT
x-content-type-options
nosniff
age
227756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:50:24 GMT
gaf.min.js
st.etb2bimg.com/Themes/Release/js/
14 KB
4 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/gaf.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
dff44c850f488b29134037eb3abbf21164bbeed526b0542dd3c6de54fab65792
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.68
content-length
4106
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463612
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:52 GMT
line-pattern-min.png
ciso.economictimes.indiatimes.com/Themes/Release/images/responsive/
108 B
358 B
Image
General
Full URL
https://ciso.economictimes.indiatimes.com/Themes/Release/images/responsive/line-pattern-min.png
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
5096bc3e53da3f4e187d8bccc5b30e1822924c0c095c978645defa260b91f0f0
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
last-modified
Tue, 24 May 2022 12:10:12 GMT
server
Bhoot
x-frame-options
SAMEORIGIN
x-cool
22.33
content-language
en
access-control-allow-origin
*
content-type
image/png
cache-control
max-age=28499945
access-control-allow-credentials
true
accept-ranges
bytes
content-length
108
expires
Fri, 15 Sep 2023 06:45:25 GMT
locinfo
st.etb2bimg.com/
202 B
421 B
XHR
General
Full URL
https://st.etb2bimg.com/locinfo
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:288::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
442d7d9e218bf498f058ec524d8cb7d64e792ba821e3ac263e3a9cac7e283f17

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
202
expires
Thu, 20 Oct 2022 10:06:20 GMT
aa.js
static.clmbtech.com/ase/33488/1645/
33 KB
9 KB
Script
General
Full URL
https://static.clmbtech.com/ase/33488/1645/aa.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8fa8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
44cd48eb1bf52aece27e0478150f0a9ffec6cc5e96f927afe8f58429d27fe381
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
content-length
9272
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 12:58:43 GMT
server
Bhoot
etag
"83ae-5e153d905713c-gzip"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-max-age
86400
access-control-allow-methods
GET,POST
cache-control
max-age=86400
access-control-allow-credentials
false
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 21 Oct 2022 10:06:20 GMT
croppie.css
st.etb2bimg.com/Themes/Release/
5 KB
2 KB
Stylesheet
General
Full URL
https://st.etb2bimg.com/Themes/Release/croppie.css
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
33ca3dbaa9c05513815a8dffd991d22091be6476da41da658c92cbbdda5e29c2
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.68
content-length
1345
last-modified
Wed, 22 Jun 2022 13:59:13 GMT
server
Bhoot
vary
Accept-Encoding
access-control-max-age
86400
content-language
en
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=28826451
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:11 GMT
croppie_helper.css
st.etb2bimg.com/Themes/Release/
3 KB
1 KB
Stylesheet
General
Full URL
https://st.etb2bimg.com/Themes/Release/croppie_helper.css
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3d79fa85221425b43468845708b86a8aa34906187b2066c33135fdb400de6732
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding
gzip
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.69
content-length
926
last-modified
Wed, 29 Sep 2021 14:00:59 GMT
server
nginx
vary
Accept-Encoding
access-control-max-age
86400
content-language
en
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=28826451
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:11 GMT
croppie.js
st.etb2bimg.com/Themes/Release/javascript/
54 KB
12 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/javascript/croppie.js
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ef83971794dbc8a3fb5bc55aa7bad6d4dc46d52ef14f948d3b9482557f74673a
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
11558
x-xss-protection
1; mode=block
last-modified
Tue, 09 Aug 2022 08:21:13 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28825996
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:19:36 GMT
exif.js
cdnjs.cloudflare.com/ajax/libs/exif-js/2.3.0/
40 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/exif-js/2.3.0/exif.js
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc59bb451bfa9167bf632b834dd4ec549c604daab95e43b551f2db6d8208fdaa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
18351804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7881
last-modified
Mon, 04 May 2020 16:09:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e55-9e06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQTcc9fua%2Bec%2Fj3mGUqwi%2BqSJuci%2FiAVH7x2ImHbQWTSUauWB7sMAP6oiRCcnYFgDMJi7rS7cZG%2BmWVw7gvBY%2FRCXiZXILeuH%2FJuWj9Zz4JMZFHW2580xx5r9olqtCuDPhQLDz%2FdHJhObKeXAwxv775u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d0f0b03d159a1d-FRA
expires
Tue, 10 Oct 2023 10:06:20 GMT
isInViewport.min.js
st.etb2bimg.com/Themes/Release/js/
2 KB
1 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/isInViewport.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
6e3df48d93c5f9ec0ae12ba62ddfff02f0cacb46fa84435d50f962829d8e9995
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.68
content-length
1025
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463481
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:57:41 GMT
app.analytics.gtm.js
st.etb2bimg.com/Themes/Release/js/
49 KB
7 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/app.analytics.gtm.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
abd4c2ba69f4e75099d7d64effd1b0afd89f88e311e772e2fa4d6685b62dae2b
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.67
content-length
6986
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463473
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:57:33 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
40 B
724 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f0%5Btype%5D=prime-top-widget&f0%5Bboxid%5D=featured_header_prime_widget&f0%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
9a8a2bc53281d42a7abad29a5957ea3728a3d75cf30879f2a6299a985d814767
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
x-cool
22.37
content-length
40
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:20 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:20 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
7 KB
2 KB
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f1%5Btype%5D=in-page-promotions&f1%5Bboxid%5D=in-page-promotions_top_1&f1%5Bcallback%5D=inPagePromoCallback
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
afd0292ab2ab81231e6986c436206bade5cc4b584fc66be5a7ff447829a2c20d
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:23 GMT
x-cool
55.34
content-length
1741
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:23 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=300
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:11:23 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
32 B
715 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f2%5Btype%5D=featured_header_20&f2%5Bboxid%5D=featured_data_ticker&f2%5Bpage%5D=etb2b_newsdetails.php&f2%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
d62ab134d71cdadaf6c251d7afee2acac3cf0a47058c68ea7792a266aca8c20d
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
x-cool
22.34
content-length
32
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:21 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
62 B
747 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f3%5Btype%5D=featured_header_2&f3%5Bboxid%5D=featured_header_marquee&f3%5Bcallback%5D=&f4%5Btype%5D=featured_header_14&f4%5Bboxid%5D=featured_text_ad&f4%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
33a5d89b90a9479aa2d18dd3e709c164ad4195f3b0db9be6ce3132a0e00bf2b4
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-content-type-options
nosniff
x-cool
22.36
content-length
62
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:22 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:22 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
983 B
1 KB
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f5%5Btype%5D=featured_section_ad&f5%5Bboxid%5D=featured_section_ad&f5%5Bfrom_url%5D=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&f5%5Bparams%5D=%7B%22keywords%22%3A%22magecart...iot...whatsapp...spyware...android...news%22%7D&f5%5Bcallback%5D=&f6%5Btype%5D=featured_multi_promotional_banner_32&f6%5Bboxid%5D=featured_multi_promotional_banner&f6%5Bcallback%5D=&f7%5Btype%5D=featured_header_10_15_all&f7%5Bboxid%5D=featured_promotional_ads_all&f7%5Bpage%5D=etb2b_newsdetails.php&f7%5Bfrom_url%5D=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&f7%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ebff8e3fa7a91e7935e25e9559e903cb1862c455511a6bde9e0f9284746784bf
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.37
content-length
495
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:21 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
25 B
709 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f8%5Btype%5D=featured_header_22&f8%5Bboxid%5D=cont_widgt_hp2&f8%5Bpage%5D=etb2b_newsdetails.php&f8%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ada6984e475088956fad66369980da3152edb9427e941621a8d42c903dfa5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:24 GMT
x-content-type-options
nosniff
x-cool
55.32
content-length
25
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:24 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:24 GMT
gpt.js
www.googletagservices.com/tag/js/
79 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99b06eaa2f43d5c4654a11824da6f27b9821d51720d1d54ab3ebdba6392ed37f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27611
x-xss-protection
0
server
sffe
etag
"1369 / 747 of 1000 / last-modified: 1666255308"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Oct 2022 10:06:20 GMT
ping
api.ibeat-analytics.com/
0
345 B
Image
General
Full URL
https://api.ibeat-analytics.com/ping?&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&et=po&sid=c7c2f7d8-bc8a-42bd-b5dd-e4fd6d3223a5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&ln=0&ref=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&ut=1&pot=1666260380215&at=5000&tt=2
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:b492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
server
Bhoot
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ibeatserv.indiatimes.com
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=143, origin; dur=6
access-control-allow-headers
content-type
content-length
0
x-xss-protection
1; mode=block
getTicket
jsso.indiatimes.com/sso/crossdomain/
70 B
698 B
Script
General
Full URL
https://jsso.indiatimes.com/sso/crossdomain/getTicket?version=v1&callback=window.$cr.handleCentralSsoCallBack
Requested by
Host: static.clmbtech.com
URL: https://static.clmbtech.com/ase/33488/1645/aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8f79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
16922e0618061c38b2fecdfbe9725bbc3e018f855becf498d30ad8acae59ff21
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
server
Bhoot
x-frame-options
sameorigin
x-cool
88.38
access-control-allow-methods
GET,POST,OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=217, origin; dur=17
access-control-allow-headers
Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid
content-length
70
x-xss-protection
1; mode=block
message
ase.clmbtech.com/
199 B
577 B
Script
General
Full URL
https://ase.clmbtech.com/message?cid=33488:1645&val_101=int:ciso.economictimes.indiatimes.com/news&val_102=https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1&val_120=0&val_125=1&val_123=magecart,%20iot,%20whatsapp,%20spyware,%20android&val_101=33488:1645
Requested by
Host: static.clmbtech.com
URL: https://static.clmbtech.com/ase/33488/1645/aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8fa8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
78cc995be7d55f5dec66a8873360fbff9e548814617fa693039f382a164d5f84
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:20 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
Bhoot
x-frame-options
sameorigin
content-type
text/plain;charset=ISO-8859-1
content-length
199
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
265 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/app.analytics.gtm.js?mod=2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3787e13f42f694ac50240a3327f7817af201adffeb35e1e731b736ea32af0386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86609
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 10:06:20 GMT
client
accounts.google.com/gsi/
191 KB
76 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: st.etb2bimg.com
URL: https://st.etb2bimg.com/Themes/Release/js/oauth.login.min.js?mod=2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fj0iYM6WtsEmcKEKuFG1UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-fj0iYM6WtsEmcKEKuFG1UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 20 Oct 2022 10:06:20 GMT
list
ciso.economictimes.indiatimes.com/api/v1/newsletter/
3 KB
1 KB
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/api/v1/newsletter/list?client_id=0690faf5-bc20-4dda-922e-365ac47ff0ce
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
301bf02d3752acec04b7d988100b04fda872c3fcd1ed452d0c92a2499cd7950a
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
x-cool
22.34
content-length
613
x-xss-protection
1; mode=block
pragma
no-cache
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-language
en
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:06:20 GMT
pubads_impl_2022101701.js
securepubads.g.doubleclick.net/gpt/
379 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 09:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130931
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Oct 2023 09:49:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
130 B
734 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ciso.economictimes.indiatimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8d23ae5cb5c40b8ce90ebd2b6b05b921db983771679bfb853848b052e3b9ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Thu, 20 Oct 2022 10:06:20 GMT
web-sdk.js
static.growthrx.in/js/v2/
43 KB
12 KB
Script
General
Full URL
https://static.growthrx.in/js/v2/web-sdk.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:381::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
c1decb9a62362c396d81e5234ed8a1d3463eebc06eb93b9bbafd65e08acba096
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:20 GMT
content-length
12317
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 03 Oct 2022 17:59:13 GMT
server
Bhoot
etag
"633b22f1-abb9"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Thu, 20 Oct 2022 10:06:20 GMT
js
www.googletagmanager.com/gtag/
210 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JQSEJYYECH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9372f8c6aa5c13e6d9d7ecc1b3adb287a8261211946c7a35d0c105cf9585dba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Oct 2022 10:06:20 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 09:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3023
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 20 Oct 2022 11:15:57 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 18:56:33 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=31903
accept-ranges
bytes
content-length
3063
optimize.js
www.googleoptimize.com/
109 KB
43 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5PZ3MRG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
369623135a22ccbfc41ec2503ee478e49bdaedd026546f7554bc4fc7fe3a0c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43886
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 10:06:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-733008391/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-733008391/?random=1666260380501&cv=11&fst=1666260380501&bg=ffffff&guid=ON&async=1&gtm=2wgah0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ref=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&tiba=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&auid=677315719.1666260380&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5PJ984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4a4ff8e5c9e9a13a8d4a125b389cc055a7b1f5c12ee7c7f6ac558b565e44c99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036484&ns__t=1666260380492&ns_c=UTF-8&c8=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&c7=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&c9=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
AWiBKpot2xDx2H4M8OP0lij6-CSczilUCfr0ToVuU06gEd7UH_QXgw==
x-cache
Miss from cloudfront
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D269194%26time%3D1666260380536%26url%3Dhttps%253A%252F%252Fciso.economictimes.indi...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video...
0
480 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&liSync=true&e_ipv6=AQIRN86G8h2xUQAAAYP026zxvtkPynSewanuE7oSXj9lFuYu8T2KF3460-4NZzMQWv3vSExU
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F3D44BE8A2C944CAA005517C43B9D8D0 Ref B: FRAEDGE1119 Ref C: 2022-10-20T10:06:21Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrdHodpItNVnX1m3YKJA==

Redirect headers

date
Thu, 20 Oct 2022 10:06:20 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1553C1BDE27C4EA88771AAA8F3A828A1 Ref B: FRAEDGE1511 Ref C: 2022-10-20T10:06:20Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=269194&time=1666260380536&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&liSync=true&e_ipv6=AQIRN86G8h2xUQAAAYP026zxvtkPynSewanuE7oSXj9lFuYu8T2KF3460-4NZzMQWv3vSExU
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrdHobIvZQW2x/YmSPBw==
style
accounts.google.com/gsi/
533 B
328 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kTgGnBmaPrfQgbSjG8qLJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kTgGnBmaPrfQgbSjG8qLJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 20 Oct 2022 10:06:20 GMT
button
accounts.google.com/gsi/ Frame 89DE
0
0

button
accounts.google.com/gsi/ Frame 166E
104 KB
37 KB
Document
General
Full URL
https://accounts.google.com/gsi/button?type=standard&size=large&logo_alignment=left&theme=filled_blue&width=335&text=continue_with&shape=circle&client_id=304983860261-ji4osqdlk4bjp6369rb8mpt0fghlulkl.apps.googleusercontent.com&iframe_id=gsi_380579_299091&as=Ute8wlDteikNoo5GBB9Szw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01d9da757be0f6bf9148d6157b5dd4606fe7c1eef6f02303669878260d51eff6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-xqlXJpn4XHrAsFThYhDWBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-xqlXJpn4XHrAsFThYhDWBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 10:06:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=546909798&t=pageview&_s=1&dl=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ul=en-us&de=UTF-8&dt=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=1786017585&gjid=1383734577&cid=1260255014.1666260381&uid=&tid=UA-5594188-46&_gid=1485663474.1666260381&_r=1&gtm=2wgah0M5PJ984&cd1=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&cd2=newsdetails&cd3=%20%7C%20IANS&cd4=news%20%7C%20&cd5=94753319%20%7C%20free&cd6=2022-10-10%20%7C%2011%3A02%3A00&cd7=2022-10-10%2011%3A07%3A00&cd8=&cd9=%20%7C%20&cd10=&cd11=magecart%2Ciot%2Cwhatsapp%2Cspyware%2Candroid&cd12=desktop&cd13=&cd14=&cd16=no&z=1195104167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ciso.economictimes.indiatimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ciso.economictimes.indiatimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
4 KB
622 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=938273243216847&correlator=2576223642788792&eid=31070117%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101701&ptt=17&impl=fifs&iu_parts=7176%2CETCISO%2CETCISO_AS%2CETCISO_AS_ATF_300_250%2CETCISO_AS_Slug1_300_100%2CETCISO_AS_Slug2_300_100%2CETCISO_AS_BTF_300_250%2CETCISO_AS_ATF_728%2CETCISO_AS_Masthead%2CETCISO_AS_OP_Innov1&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9&prev_iu_szs=300x250%7C300x600%2C300x100%7C300x250%2C300x100%7C300x250%2C300x250%2C610x70%7C728x90%2C610x70%7C728x90%7C1003x90%2C1x1&ifi=1&adks=3284619207%2C2246848145%2C2241442150%2C3417763113%2C2207151141%2C1245102762%2C2354330406&sfv=1-0-38&ists=1&cust_params=sg%3D%26HDL%3D%26ARC1%3D%26Hyp1%3D%26article%3D&sc=1&cookie_enabled=1&abxe=1&dt=1666260380693&lmt=1666260339&dlt=1666260379976&idt=682&adxs=977%2C977%2C977%2C977%2C670%2C300%2C0&adys=410%2C410%2C410%2C410%2C34%2C156%2C2929&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ref=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&frm=20&vis=1&psz=303x948%7C303x948%7C303x948%7C303x948%7C0x0%7C1000x0%7C1600x2927&msz=300x0%7C300x0%7C300x0%7C300x0%7C610x0%7C610x0%7C0x0&fws=644%2C644%2C644%2C644%2C132%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1260255014.1666260381&ga_sid=1666260381&ga_hid=546909798&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d3f16bc7d23747b230a4686d1291327a00298840cbe49649a783eab0eec6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
591
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BF4
6 KB
4 KB
Document
General
Full URL
https://a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 10:06:20 GMT
expires
Fri, 20 Oct 2023 10:06:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/AW-733008391/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-733008391/?random=1666260380501&cv=11&fst=1666260000000&bg=ffffff&guid=ON&async=1&gtm=2wgah0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ref=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&tiba=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&fmt=3&is_vtc=1&random=1374091410&rmt_tld=0&ipr=y
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-733008391/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/AW-733008391/?random=1666260380501&cv=11&fst=1666260000000&bg=ffffff&guid=ON&async=1&gtm=2wgah0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ref=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&tiba=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&fmt=3&is_vtc=1&random=1374091410&rmt_tld=1&ipr=y
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 166E
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://accounts.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

collect
region1.analytics.google.com/g/
0
358 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JQSEJYYECH&gtm=2oeah0&_p=546909798&_gaz=1&cid=1260255014.1666260381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&sid=1666260380&sct=1&seg=0&dl=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&dr=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue&uid=&en=page_view&_fv=1&_ss=1&ep.page_template=newsdetails&ep.authors=&ep.agency=IANS&ep.section=news&ep.subsection=&ep.cmsid=94753319&ep.published_date=2022-10-10&ep.published_time=11%3A02%3A00&ep.last_update_date=2022-10-10%2011%3A07%3A00&ep.video_embed=&ep.audio_embed=&ep.keywords=magecart%2Ciot%2Cwhatsapp%2Cspyware%2Candroid&ep.browsing_platform=desktop&ep.portal_in_portal=&up.login_status=no&up.etb2b_sso_id=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQSEJYYECH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JQSEJYYECH&cid=1260255014.1666260381&gtm=2oeah0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JQSEJYYECH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JQSEJYYECH&cid=1260255014.1666260381&gtm=2oeah0&aip=1&z=1940175395
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
453 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5594188-46&cid=1260255014.1666260381&jid=1786017585&gjid=1383734577&_gid=1485663474.1666260381&_u=YEBAAEAAQAAAACAAI~&z=831384851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 166E
51 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 22:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 22:16:13 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5594188-46&cid=1260255014.1666260381&jid=1786017585&_u=YEBAAEAAQAAAACAAI~&z=1746359063
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5594188-46&cid=1260255014.1666260381&jid=1786017585&_u=YEBAAEAAQAAAACAAI~&z=1746359063
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc-20oct-1663580911-bnr-1.jpg
img.etb2bimg.com/files/retail_files/
36 KB
36 KB
Image
General
Full URL
https://img.etb2bimg.com/files/retail_files/dc-20oct-1663580911-bnr-1.jpg
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a1ed103c4dc4766679dd8fb15f991d7e439dbdec7ccbd28041e2a5721dcafcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
last-modified
Mon, 19 Sep 2022 09:48:31 GMT
server
AkamaiNetStorage
etag
"9ebc1af0ae8fff35e9ca8ce7a34ab72c:1663580911.806412"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=28856816
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36430
expires
Tue, 19 Sep 2023 09:53:17 GMT
desktop.bundle.v1.min.js
st.etb2bimg.com/Themes/Release/js/
12 KB
5 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/desktop.bundle.v1.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
a05c4612438161f805009c1c7b6575de341c6198a7e025b41f534528702346f9
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
4411
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463465
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:57:26 GMT
app.news.detail.min.js
st.etb2bimg.com/Themes/Release/js/
19 KB
6 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/app.news.detail.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
02bb088217fcf02ceb721e6df8ac18fde8d7641bcc0ee0b2f9cd588c4166f2c1
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
5302
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463679
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 14:01:00 GMT
94753387.cms
etimg.etb2bimg.com/photo/
17 KB
17 KB
Image
General
Full URL
https://etimg.etb2bimg.com/photo/94753387.cms
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
5b632285a1f3548edc876c374765bb1274df389811f5600290d05307a555bbf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
22078
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17229387501231665380667858
content-length
17124
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
94913796.cms
etimg.etb2bimg.com/thumb/after-ipca-laboratories-pharma-major-aarti-drugs-hit-by-ransomware-attack-data-leaked-on-dark-web/
5 KB
5 KB
Image
General
Full URL
https://etimg.etb2bimg.com/thumb/after-ipca-laboratories-pharma-major-aarti-drugs-hit-by-ransomware-attack-data-leaked-on-dark-web/94913796.cms?width=300&height=167
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
0339f703d6a1ac47eebb907cb687f4948ac5a7dd4abde8ce0685c168263a7ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
608918
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17229386501231666029614169
content-length
5054
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
94577992.cms
etimg.etb2bimg.com/thumb/valedictory-session/120072/
22 KB
22 KB
Image
General
Full URL
https://etimg.etb2bimg.com/thumb/valedictory-session/120072/94577992.cms?width=700&height=450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
8a37492336f75b0e173b20239f8e44bd89d27e739942cae7ef555b6b7a50bf9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
120072
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17224409401231665385432431
content-length
22224
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
status
accounts.google.com/gsi/
40 B
94 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=304983860261-ji4osqdlk4bjp6369rb8mpt0fghlulkl.apps.googleusercontent.com&as=KQ2UloAZCD6Ew2QcC77LjQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d78d730205756ab1b09fa76654c88bf92eb83f3390803c59d1b459943eacb45
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7nyGRLtsDE4xQ99eaOT_SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7nyGRLtsDE4xQ99eaOT_SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
667b3add8fe72e415c9a00d5c3d42b450f8c9c0f8dd7b01eb1074b51466750df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036484/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 09:42:17 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1445
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
uMnFYlWKkoSLUIP5cphHm4wn6Yl-q-mvZnvkIoyIyRbxQTLrTyILUA==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 20 Oct 2022 10:06:21 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
LTGJAGi7T9Uc0NIHI59U-6N3t65BJXzRhzJsSZEMzxMApJdNtNLC5A==
x-cache
Miss from cloudfront
etb2b_get_more_on_scroll.php
ciso.economictimes.indiatimes.com/ajax_files/
448 KB
71 KB
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_get_more_on_scroll.php?action=get_more_news&cont_id=94753319&sec_id=55806002&fw=&is_pip=&pipType=&category=&categoryMsid=0&categoryUrl=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
bfaf5faf03f19e6cf5d6a0b023acb53e196687190aeb4f922c6d7d073da63f29
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.37
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=1800
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:36:21 GMT
etb2b_ajax_trackers.php
ciso.economictimes.indiatimes.com/ajax_files/
1 B
695 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_trackers.php?action=update_news_views
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-content-type-options
nosniff
x-cool
22.37
content-length
1
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:22 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, no-cache, no-store, max-age=0
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:06:22 GMT
etb2b_ajax_modules.php
ciso.economictimes.indiatimes.com/ajax_files/
74 B
826 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_modules.php?&mod=ETB2BMostReadedRelatedArticle&pos=middle&boxid=modbx_4&obj%5Bnews_id%5D=94753319
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
71bad20495ab3c839083689effb9583786a18684d47dbdef623b117822d486ab
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
x-cool
22.36
content-length
74
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=3600
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 11:06:21 GMT
dc-20oct-1663580911-bnr-1.jpg
img.etb2bimg.com/files/retail_files/
36 KB
36 KB
Image
General
Full URL
https://img.etb2bimg.com/files/retail_files/dc-20oct-1663580911-bnr-1.jpg
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a1ed103c4dc4766679dd8fb15f991d7e439dbdec7ccbd28041e2a5721dcafcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
last-modified
Mon, 19 Sep 2022 09:48:31 GMT
server
AkamaiNetStorage
etag
"9ebc1af0ae8fff35e9ca8ce7a34ab72c:1663580911.806412"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=28856816
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36430
expires
Tue, 19 Sep 2023 09:53:17 GMT
onelink-smart-script.js
st.etb2bimg.com/Themes/Release/js/
7 KB
3 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/onelink-smart-script.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
603558319c899719f5efd9f2be431275a3248e869353d0a22d47ae4d227ea2cc
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
2171
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463561
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:02 GMT
cplogo1-1658739661.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
6 KB
7 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1658739661.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
0533608ec72f801178eae10b04924775f9ef8243bad5cc5da7bae035f9d869d2
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.69
content-length
6545
pragma
no-cache
last-modified
Tue, 26 Jul 2022 06:34:17 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cpsbranding_logo-1653999484.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
6 KB
7 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1653999484.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
fde0c4ae58598a94465a32e83c7796e6aa964c2096b58e0855e6bfbddd3e8b95
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
6655
pragma
no-cache
last-modified
Tue, 31 May 2022 13:30:35 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cplogo1-1617252939.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
6 KB
6 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1617252939.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
e9564a6d89aa80323a64b196234966732023eaecd3ccb31e3e6cae034a76eea5
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
6254
pragma
no-cache
last-modified
Thu, 17 Mar 2022 05:54:33 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cpsbranding_logo-1589774513.png_(500%C3%97295)_-_2020-05-18_09.30.41.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
2 B
304 B
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1589774513.png_(500%C3%97295)_-_2020-05-18_09.30.41.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
access-control-max-age
86400
x-cool
22.68
content-language
en
content-type
application/octet-stream
access-control-allow-methods
GET,POST
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-allow-headers
*
content-length
2
expires
Thu, 20 Oct 2022 10:06:21 GMT
cpsbranding_logo-1582291716.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
7 KB
7 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582291716.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
d443ac5dc3312c866410bb6708ef591e5003233cdcb12b5782bb2519f3a77253
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.67
content-length
7285
pragma
no-cache
last-modified
Tue, 10 May 2022 23:51:31 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cplogo1-1632807248.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
8 KB
8 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1632807248.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.13
Resource Hash
d8af83aaec3d4c09d9c9b91b677ee43699d18e6b2655cf0e0343cc047a327c58
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-powered-by
PHP/7.4.13
x-cool
22.68
content-length
7729
pragma
no-cache
last-modified
Wed, 06 Oct 2021 07:12:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cplogo1-1625817618.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
8 KB
8 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1625817618.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
b80fb361fcb0aa10ac2b6b5972639211431b5e4bcec94e3c48437dece7edff89
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.67
content-length
8025
pragma
no-cache
last-modified
Thu, 23 Jun 2022 06:02:54 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cplogo1-1610969886.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
3 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1610969886.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
28ca8d05d8dd90225d55d81f32ec91af1cc4ee076da516f20982d8dc689bfcc5
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.69
content-length
2932
pragma
no-cache
last-modified
Mon, 14 Mar 2022 10:02:26 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cpsbranding_logo-1591012921.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
5 KB
5 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1591012921.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
d91624ef2453616b28f59b6fdad951957ed0ce8bd1193a895acd3d5535067eb9
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
4743
pragma
no-cache
last-modified
Wed, 13 Apr 2022 20:50:48 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cpsbranding_logo-1601294962.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
2 KB
2 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1601294962.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
be7e33e2a21b9c1766214f8fee6f4d1236b4b275aafccd8c5e452b7cbe539eb5
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.68
content-length
1946
pragma
no-cache
last-modified
Mon, 21 Mar 2022 13:32:35 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:21 GMT
cpsbranding_logo-1584591716.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
7 KB
7 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1584591716.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
faf7aa1bfec0e1c34ec00fcbf6894ee5c27cd1f9a2212b1bf39ed08d69cec3ee
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.69
content-length
6786
pragma
no-cache
last-modified
Tue, 10 May 2022 23:51:30 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cplogo1-1642412423.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
8 KB
8 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1642412423.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
90e760642397f739af2c7a755bef32fbb78cf18bc20b1613a615cd684e3d10ab
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
7865
pragma
no-cache
last-modified
Thu, 12 May 2022 11:15:14 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582291765.JPG
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
5 KB
5 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582291765.JPG
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
e13d9150ae99e914aeaae56f8d4bbbf343b335915133718e6b035d1109f39789
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.67
content-length
4819
pragma
no-cache
last-modified
Tue, 10 May 2022 23:51:31 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582291631.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
3 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582291631.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
06232fc794d3717a6a5a4a0a76ce013ff455a821a15edec5441c5938cf38567b
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.67
content-length
2709
pragma
no-cache
last-modified
Mon, 09 May 2022 05:29:44 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582291306.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
2 KB
2 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582291306.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ce5f1ffa9358bc544e797beafb2c6f07cd316a88b3dd9b977d1c05443d6d30e4
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
2199
pragma
no-cache
last-modified
Wed, 19 Jan 2022 08:17:25 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582286589.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
3 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582286589.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2bb78a6d31b300800cb7c70d4854f171e1d412073127bd37f678235b373785f3
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.69
content-length
2844
pragma
no-cache
last-modified
Wed, 13 Apr 2022 20:50:51 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582291043.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
3 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582291043.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PHP/7.4.13
Resource Hash
851349cec283872569de96039c36940176ff862197cfab5fb120e23605222571
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-powered-by
PHP/7.4.13
x-cool
22.69
content-length
2713
pragma
no-cache
last-modified
Fri, 24 Sep 2021 03:54:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582290700.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
2 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582290700.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
5d9b83bd803879ea66c7c89de72d3ab611d4601505bfe149c3bd96731224346e
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
2342
pragma
no-cache
last-modified
Mon, 11 Apr 2022 05:33:47 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cpsbranding_logo-1582290646.jpg
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
3 KB
3 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1582290646.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
6a92fa3b91d3301f89ca1486081f7ecb4ed9965d697c2069a59a67256ce7b42a
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
2721
pragma
no-cache
last-modified
Tue, 19 Apr 2022 15:22:56 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cplogo1-1653918556.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
2 KB
2 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1653918556.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
dc0451e823795cff58b64c62bbefea508e019863f2c7abf9c2c83670699ac90d
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.67
content-length
1691
pragma
no-cache
last-modified
Tue, 02 Aug 2022 08:39:39 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cplogo1-1654094374.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
12 KB
12 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1654094374.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
eeee9d420cc3ad81051d806fba551879f223cfbeedfa17ad9f17d1cafadf4226
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
12138
pragma
no-cache
last-modified
Tue, 02 Aug 2022 12:55:09 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
cplogo1-1505396829.png
img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/
1 KB
2 KB
Image
General
Full URL
https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cplogo1-1505396829.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
b03052d31617d58fefffc77d4ae94552e3ac9cb5d345d544332dcfd517a1bec9
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.67
content-length
1334
pragma
no-cache
last-modified
Tue, 02 Aug 2022 08:39:41 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
false
access-control-allow-headers
*
expires
Thu, 27 Oct 2022 10:06:22 GMT
94577923.cms
etimg.etb2bimg.com/thumb/mastering-the-art-of-simple-agile-and-composable-cyber-security/138779/
8 KB
8 KB
Image
General
Full URL
https://etimg.etb2bimg.com/thumb/mastering-the-art-of-simple-agile-and-composable-cyber-security/138779/94577923.cms?width=300&height=167
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
116b562aab1ee17740040853ef5a7cbcf020d316a74d6fb296ed65fd7f85b82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
138779
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17224408801231665227399477
content-length
7950
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
94577808.cms
etimg.etb2bimg.com/thumb/keynote-session-by-gulshan-rai/117530/
5 KB
5 KB
Image
General
Full URL
https://etimg.etb2bimg.com/thumb/keynote-session-by-gulshan-rai/117530/94577808.cms?width=300&height=167
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ef0cb5e17b0fc2499ed96e9fa47cda0df277616df31beab481b177526d3c3d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
117530
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17229386801231665370431930
content-length
4880
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
94577738.cms
etimg.etb2bimg.com/thumb/upgrading-the-2023-cybersecurity-stack-what-s-in-and-what-s-out/150424/
8 KB
9 KB
Image
General
Full URL
https://etimg.etb2bimg.com/thumb/upgrading-the-2023-cybersecurity-stack-what-s-in-and-what-s-out/150424/94577738.cms?width=300&height=167
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48c::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
bcba904a8fde4c447d76f8f786ddc5e11f8d7ed3d0e4822a78d6e442be288bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://ciso.economictimes.indiatimes.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
server
Bhoot
etag
150424
x-frame-options
ALLOW-FROM https://ciso.economictimes.indiatimes.com/
content-type
image/webp
imagemagick_im4java
1
cache-control
max-age=0, no-cache, no-store
appgn
17229386801231665227399520
content-length
8654
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 10:06:21 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
39 B
721 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f0%5Btype%5D=featured_header_3&f0%5Bboxid%5D=featured_header_top_right&f0%5Bpage%5D=etb2b_newsdetails.php&f0%5Bfrom_url%5D=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&f0%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
a32b8f867679bdae90615c15f5c3b0aa1ddc3f758c29f6b03976e00c5dad1bc4
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
x-cool
55.33
content-length
39
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:21 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
51 B
732 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f1%5Btype%5D=featured_leaderboard&f1%5Bboxid%5D=featured_leaderboard&f1%5Bfrom_url%5D=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&f1%5Bcallback%5D=addLeaderBoardClass
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
296cc1f61ac2818eff6c41495554ca50e76665f1ab5209e8d7fcec1dff510be9
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:23 GMT
x-content-type-options
nosniff
x-cool
55.35
content-length
51
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:23 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:23 GMT
etb2b_ajax_featured_section_grouped.php
ciso.economictimes.indiatimes.com/ajax_files/
29 B
713 B
XHR
General
Full URL
https://ciso.economictimes.indiatimes.com/ajax_files/etb2b_ajax_featured_section_grouped.php?fetchall=1&f2%5Btype%5D=featured_skinning&f2%5Bboxid%5D=featured_skinning&f2%5Bpage%5D=etb2b_newsdetails.php&f2%5Bcallback%5D=
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
272c592f1ffb0b27d92b955fd395c962af288d9f36e883eaac50fe76ffa1ce04
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
x-cool
55.33
content-length
29
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 20 Oct 2022 10:06:21 GMT
server
Bhoot
x-frame-options
sameorigin, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=180
access-control-allow-credentials
true
expires
Thu, 20 Oct 2022 10:09:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Oct 2022 10:06:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64A6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 08:42:24 GMT
expires
Fri, 20 Oct 2023 08:42:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 50B5
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29cae34dab991bc7bfaff2aef81ac4b64ddf73d5c59db5d47279166557b8d3ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xiJcbf6USM8pkOJlPBlHtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-xiJcbf6USM8pkOJlPBlHtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 10:06:21 GMT
expires
Thu, 20 Oct 2022 10:06:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js
pagead2.googlesyndication.com/bg/ Frame 64A6
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 07:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Oct 2023 07:18:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 50B5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101701&jk=938273243216847&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 64A6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_GJGZw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
default-200.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
2 KB
3 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/default-200.jpg
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
8b225e6ef02ebae8cfb985af7f12963e29b5c025f923ed4a8711d3214963b1a4
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:21 GMT
x-cool
22.69
content-length
2283
last-modified
Fri, 24 Jun 2022 12:37:43 GMT
server
Bhoot
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28826449
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 01:27:10 GMT
dc-20oct-1663580911-bnr-1.jpg
img.etb2bimg.com/files/retail_files/
36 KB
36 KB
Image
General
Full URL
https://img.etb2bimg.com/files/retail_files/dc-20oct-1663580911-bnr-1.jpg
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a1ed103c4dc4766679dd8fb15f991d7e439dbdec7ccbd28041e2a5721dcafcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:22 GMT
last-modified
Mon, 19 Sep 2022 09:48:31 GMT
server
AkamaiNetStorage
etag
"9ebc1af0ae8fff35e9ca8ce7a34ab72c:1663580911.806412"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=28856815
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36430
expires
Tue, 19 Sep 2023 09:53:17 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c11a95812e22f788011f278b115246de2493f98c8acbe3bef3df04fae4294c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
content-md5
VKraJsgcPdJEmcWGyCc6Yg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
ImZ9N0piGouNUFSdsj7i/HGWCUgZklkm55FNJP1xfRhIzazc3q1VkUXlu38CMxtL2M1e0QCiUW1DrlDUeAIePA==
x-fb-trip-id
686109401
x-fb-content-md5
5486fb17d46435149c8c92c1751669cc
cross-origin-opener-policy
same-origin-allow-popups
etag
"0632b4b46b5ef79bfd2a034f930409dc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Oct 2022 10:16:24 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=546909798&t=event&ni=1&_s=1&dl=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&ul=en-us&de=UTF-8&dt=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Impression%20-%20ads-impression-featured_promotional_ads_1&ea=promo_banner_261125_dc-20oct&el=news%20-%2094753319&_u=aEDAAEABQAAAACAAI~&jid=&gjid=&cid=1260255014.1666260381&uid=&tid=UA-5594188-46&_gid=1485663474.1666260381&gtm=2wgah0M5PJ984&cd1=WhatsApp%27s%20cloned%20app%20spying%20on%20Indians%20via%20recording%20video%2C%20audio%2C%20IT%20Security%20News%2C%20ET%20CISO&cd2=newsdetails&cd3=%20%7C%20IANS&cd4=news%20%7C%20&cd5=94753319%20%7C%20free&cd6=2022-10-10%20%7C%2011%3A02%3A00&cd7=2022-10-10%2011%3A07%3A00&cd8=&cd9=%20%7C%20&cd10=&cd11=magecart%2Ciot%2Cwhatsapp%2Cspyware%2Candroid&cd12=desktop&cd13=&cd14=&cd16=no&z=1345717959
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 12:06:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79165
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7b22a817ab3d6a11858d73f5f038c0cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11bdbb5c5f62eae5c6d499f041d419bf46aa2339166a17972fa7366ea70f12e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Origin
https://ciso.economictimes.indiatimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:21 GMT
content-md5
cK3vhvdFcg+A5E80GU84yg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88393
x-fb-rlafr
0
x-fb-debug
etUm4osOJ62zd4zv9hDHAi3FgN/1TI7SmzgK90k0hEHoeRkNUYmhUz212WiDLL0TPzcj04DQtvuJPgP/wlc3/w==
x-fb-content-md5
931d5c3f35c17999f4c15de3283a8d48
cross-origin-opener-policy
same-origin-allow-popups
etag
"23b00c98211e3fafd2bd66a4a312f980"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 20 Oct 2023 09:49:32 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=493378761855001&input_token&origin=1&redirect_uri=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319%3F%26web_view%3Dtrue%26redirect%3D1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7b22a817ab3d6a11858d73f5f038c0cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 20 Oct 2022 10:06:21 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
TWUxTIl0z+ucmjLXJSufx6tJXfqTzqBP+xDbvSQLrDWCWaLdDsaiFR+C+6sRHQPKNUhGgqC0s3y+JKbCpRvzOA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ciso.economictimes.indiatimes.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
comments.php
www.facebook.com/v4.0/plugins/ Frame E950
0
0
Document
General
Full URL
https://www.facebook.com/v4.0/plugins/comments.php?app_id=493378761855001&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d1f2f33a4d6a%26domain%3Dciso.economictimes.indiatimes.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fciso.economictimes.indiatimes.com%252Ff346f44d2263648%26relation%3Dparent.parent&container_width=627&height=100&href=https%3A%2F%2Fciso.economictimes.indiatimes.com%2Fnews%2Fwhatsapps-cloned-app-spying-on-indians-via-recording-video-audio%2F94753319&locale=en_US&numposts=5&sdk=joey&version=v4.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7b22a817ab3d6a11858d73f5f038c0cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ciso.economictimes.indiatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Oct 2022 10:06:21 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
NrIgsfkuIVCdhcXArcxrhb+hgZQvDpSLoOCZ1o/1V4ASJbuWP+JihQ0pt5KVSnvD0Z5SEzu1N2opz0TIxFBP9A==
x-frame-options
DENY
x-xss-protection
0
etciso-default.jpg
st.etb2bimg.com/Themes/Release/images/responsive/
28 KB
29 KB
Image
General
Full URL
https://st.etb2bimg.com/Themes/Release/images/responsive/etciso-default.jpg
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73cee42bc8ca5ef317327ba4bff13b7fbb69080967cc93d43f676e2b14f5c419
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.67
content-length
29173
last-modified
Wed, 22 Sep 2021 12:40:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
en
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=28865279
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Sep 2023 12:14:21 GMT
sharect.js
st.etb2bimg.com/Themes/Release/js/
8 KB
3 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/js/sharect.js?mod=2050
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
c442c5505279ba9b8dfe6bf548b2930ace9540cc2e025fcdee7f1e5987064cde
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:22 GMT
x-cool
22.68
content-length
2853
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463569
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:11 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101701&jk=938273243216847&bg=!19Sl1JDNAAYeOJy_Pjg7ACkAdvg8WsnjPwmW7kH2Wl4gF4Ap6Wybv4NH08WLUjKHbLQKtJNrwJp47AIAAABXUgAAAAFoAQeZAq6vnuYqTgkg2ULzPbVD_Six1ZY4q2KOeLXG7L-1DlkYsoxNCA7IQGUsDZp2vTkCpytDraONxWYUaHCiBH6CIXEuUrOSanugGhtXeQRcsLAutaQ4d8x_4JsD8MMLqEjvCZnt1SrT78h02Y85QyP89HuKOn2JNZP_DtIfIiwdDdc5MOOTu4S372qcYC836uCo7neeXivfkai5KaDPGN2yz1ru4fKr6B1jKNmJUex0cr0oG1Jwo0sRElxJN4SB_kVcHgLak5lReUheIdB0486jXOcXYOaF3EJeIxMn0mPZMxUb-FcoT6WZTJHUEWPDgmf-LMrjcB2avtWcfwHb_4BxIkbDSDatFMdXuXsltygFXME6RLgH35ljGd4EiCap4i1Y17j1YNdF0Hl0FIV0psuBXpWrZFHHeWgzSgs3zunwOd0J-ZyhSt87QV1uu8M5IegYoy_mxkyuHnYg0ZLBsR0GbFz1qu2_5VDPF_5KTksqCjcoKbEQfEUKnZOtgZdtKGWoCc2OwkoXYa70yS6Ue8aOjc58lLk61JRN5K5fUwiWrRhIx1jSN_hb4ifok6B_MhOimXMPfelG0LirPQiuPs0QKEqXf00mYn0vaeA1j-pKnPKewMwCUc9Q_p8HpQ1slrZykBF2ZLd3svbAS_hpmPzRcVAbS2pEAukSvIQ2O_gI0ubSLOASyycp6F1w5FMs-cKQsaRn8I4VtvPgzlibherjIk_-_tMC44yfHUNWgwGsYJYY0DSWS68ECpMdlC99Rcql9KPwudTtnkKTDmUaQdw3h_pgCgoLZ6DzQ2ATnI-rptpjChRPVQj_vjPKP_1Aa44Ic7eVfoLK-sGi6dDwyd21-1p3wKin8ArwhZffPSuQBGyvFfldcGkmPuJQ2IS8GvfsAY3tPn0M26pPeIXFcNc9Yw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

promo-inpage.min.css
st.etb2bimg.com/Themes/Release/css/
32 KB
5 KB
XHR
General
Full URL
https://st.etb2bimg.com/Themes/Release/css/promo-inpage.min.css?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:288::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
3527591ed715834f6b6fffdb9dc84f6e387923236c15ba7c582a89c752f4d395
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:23 GMT
x-cool
22.68
content-length
4794
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:33 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31463580
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:23 GMT
in-page.min.js
st.etb2bimg.com/Themes/Release/javascript/
20 KB
6 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/javascript/in-page.min.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
a4d662654682668b884271c2e97553d582be40c77d12b748d00db7b8a4e1cdda
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:23 GMT
x-cool
22.68
content-length
6027
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463561
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 13:59:04 GMT
isInViewport.js
st.etb2bimg.com/Themes/Release/v1/js/
6 KB
3 KB
Script
General
Full URL
https://st.etb2bimg.com/Themes/Release/v1/js/isInViewport.js?mod=2050
Requested by
Host: ciso.economictimes.indiatimes.com
URL: https://ciso.economictimes.indiatimes.com/news/whatsapps-cloned-app-spying-on-indians-via-recording-video-audio/94753319?&web_view=true&redirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
666dad8f839be8cc969e4246e38b6115fb6c4bd638673156602202a9ce8a4020
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 10:06:23 GMT
x-cool
22.67
content-length
2417
x-xss-protection
1; mode=block
last-modified
Wed, 19 Oct 2022 13:53:34 GMT
server
Bhoot
x-frame-options
sameorigin
vary
Accept-Encoding
content-language
en
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31463686
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 14:01:09 GMT
dc-20oct-1663580911-bnr-1.jpg
img.etb2bimg.com/files/retail_files/
36 KB
36 KB
Image
General
Full URL
https://img.etb2bimg.com/files/retail_files/dc-20oct-1663580911-bnr-1.jpg
Requested by
Host: js.etb2bimg.com
URL: https://js.etb2bimg.com/Themes/Release/js/jquery-3.3.0.min.js?mod=2050
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3400:293::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a1ed103c4dc4766679dd8fb15f991d7e439dbdec7ccbd28041e2a5721dcafcd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ciso.economictimes.indiatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 10:06:23 GMT
last-modified
Mon, 19 Sep 2022 09:48:31 GMT
server
AkamaiNetStorage
etag
"9ebc1af0ae8fff35e9ca8ce7a34ab72c:1663580911.806412"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
cache-control
max-age=28856814
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
36430
expires
Tue, 19 Sep 2023 09:53:17 GMT
track
api.growthrx.in/v2/
42 B
139 B
Fetch
General
Full URL
https://api.growthrx.in/v2/track
Requested by
Host: static.growthrx.in
URL: https://static.growthrx.in/js/v2/web-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8fb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
8719d96c77f887ea9b3b139dce98f0b2aa072ab557fc0ac24f9466dc7b3f3d2a

Request headers

Accept
application/json
Referer
https://ciso.economictimes.indiatimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
sentAt
1666260385525
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 10:06:25 GMT
server
Bhoot
content-length
42
content-type
application/json;charset=UTF-8
track
api.growthrx.in/v2/ Frame
0
0
Preflight
General
Full URL
https://api.growthrx.in/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8fb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sentat
Access-Control-Request-Method
POST
Origin
https://ciso.economictimes.indiatimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type, sentat
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
31536000
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 20 Oct 2022 10:06:25 GMT
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
agi-static.indiatimes.com
URL
https://agi-static.indiatimes.com/cms-common/ibeat.min.js
Domain
idm.economictimes.indiatimes.com
URL
https://idm.economictimes.indiatimes.com/personalisation/logdata/uuid/resolve?type=7&source=13&_1666260379807
Domain
accounts.google.com
URL
https://accounts.google.com/gsi/button?type=standard&size=large&logo_alignment=left&theme=filled_blue&width=335&text=continue_with&shape=circle&client_id=304983860261-ji4osqdlk4bjp6369rb8mpt0fghlulkl.apps.googleusercontent.com&iframe_id=gsi_380560_228282&as=c%2B8kUptBXHjYi5%2FF1my6Mw

Verdicts & Comments Add Verdict or Comment

433 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| hdomain object| EtB2b string| base_url string| root_url string| static_files_url string| skin_path string| THEME_PATH string| theme_version string| canonicalReplaceHistory string| login_uid string| FACEBOOK_APPID string| OAUTH_FACEBOOK_APPID number| environment number| B2B_SSO_LOGIN object| $_GET string| ET_PORTAL object| SITE_NAMES object| SITE_CUSTOM_TITLES string| OAUTH_CLIENT_ID object| SUBSCRIPTION_TAGLINES object| SUBSCRIPTION_HEADING object| NL_SUBSCRIPTION object| CONTACTUS_EMAILS number| ET_USER_EMAIL_TRACK_COOKIE number| ET_SUB_SOURCE_COOKIE string| ET_VIDEO_PLAYERID string| ET_PORTAL_CMS_PATH string| CMS_IMG_URL string| COOKIE_SET_DOMAIN string| SITE_NAME_TITLE string| SITE_TITLE string| ec_detail_file string| is_subscription_page number| auto_subscribe_submit string| analytics_gtm_id object| gtmDataStore number| detailPageSchemas object| dataLayer object| _oauth_data boolean| prevent_default_layers boolean| _login_option string| _override_history_url string| ET_DEFAULT_IMG_URL number| login_required string| GOOGLE_APPID string| GAV2_ID string| slike_api_key string| hdr_menu_type string| forum_url number| page_reload number| page_reload_time number| chk_sub_status string| deviceType object| pip_subscription_box number| google_captcha number| csrf_check string| track_activity string| track_activity_after_time_sec string| DESKTOP_NOTIFICATION_UNIFIED_FCM_ID string| ET_DEFAULT_FACE_IMG_URL object| _comscore object| COMSCORE object| comscore_config object| b2bOnReadyFunctions object| b2bOnCompleteFunctions string| twitter_handle number| is_pip object| pip object| newsletterList number| allowMultipleNewsletterSubscription object| grx_config string| JS_PATH string| JS_PATH_V1 string| CSS_PATH_V1 number| demosite number| file_version string| MINIFY_FLAG number| MINIFY_MERGED_FILE string| minified_postfix object| resourceURLMap function| loadScript function| loadCss function| executeOnReady function| executeOnCompleteHelper function| executeOnComplete function| executeOnCompleteFunction function| executeOnReadyFunction function| elementInViewport function| unvielImg string| currentnavselector object| Base64 function| hasUserAllowedInEU boolean| isIbeatLoaded boolean| isGTMLoadValid function| ga function| isGDPRNation object| objGdpr object| b2bGdpr object| pattern object| patternexception boolean| ga-disable-UA-5594188-46 function| unveilAllImg function| initUnveilImg object| etIdentifiers function| Fingerprint2 number| x function| $ function| jQuery object| Sharect string| ajurl object| v function| callContentWidget2 function| onContWdgtHp_iframeLoaded2 function| setWidgetContSize2 object| callbackFunctionStack undefined| errorLog string| gbl_lyr_xtra_cls string| gbl_lyr_close object| pAction string| set_pop_cookie string| fromMail_redirect_flag string| forward_blk undefined| sub_source string| pEmail string| set_cookie_email undefined| yoloFlag undefined| checkAjaxflag object| durl boolean| mouseDownOnScrollbar boolean| animateScrollActive object| hoverTimeoutId string| _profile_email number| preventOverRideHistoryState string| two_col_rt boolean| profileComplete boolean| featuredFlag string| cUrl string| slikeApi object| utmQueries boolean| utmFlag string| videoid boolean| slikePlay undefined| posterUrl boolean| $slikeAudio boolean| $renderSideAds number| scrollFlag function| getCookie function| setCookie function| setLocalStorage function| getLocalStorage function| deleteLocalStorage function| deleteCookie function| updatePageAnalytics function| getUserLocation function| changebrowserurl undefined| YTPlayer function| onYouTubePlayerAPIReady function| onPlayerReady boolean| flagplay function| onPlayerStateChange function| renderToolTips function| inPagePromoCallback function| search_content function| decodeHTML function| YouTubeGetID function| loadVideoPlayer function| calcutateTimeStamp function| timeConversion number| pindex number| inindex string| login_trigger_position function| executeArrayBasedFunction function| rfc3986EncodeURIComponent number| windowname function| facebook_share function| twitter_share function| linkedin_share function| whatsapp_share function| telegram_share string| $newsletter_querystring number| externaljscount number| _sf_startpt object| googletag undefined| slideshowGPTBanner object| sidebarGoogleAdsSlots function| positionAdSlots function| callProductEndAds function| addLeaderBoardClass function| handleGoogleAdLoad object| __webpack_exports__ function| _typeof string| portalName string| client_id object| oauthObjConfig string| oauthUserData number| showLoginDuration object| layerVisiblePortal number| expireTime object| cbsOnPortal string| loginVersion string| abTestVersion string| headerLoginGoogleEvent object| nl_id boolean| showSubscribeBox boolean| checkUserSubscribed object| environmentMap string| portal_env string| productApiUrl string| apiUrl string| b2bPortalUrl boolean| isChromeBrowser number| isWebinarDetailPage undefined| valError object| pageLocationStore object| pageCompanyStore object| pageDesignationStore function| gtmUpdateUserProfile function| setGtmTriggerPosition function| clearNewsLetterStates function| userSessionCallBack function| loginCallback function| removeRequiredFields function| validateFields function| showBackendErrorAgainstField function| getFullLocationString function| getCurrentPortalsNewsletterID function| continueWithGoogleLogin_CB function| continueWithFBLogin_CB object| userlocationinfo string| login_type string| empid string| cancelprofilecompletion function| primeLoginVersion function| primeLoginOption function| customAddEventListener object| CroppieCrop string| portal_product boolean| iOS boolean| newDetails function| loadJSScript function| getCurrentUrlWithUtm object| _GET function| parseUtms number| retryIfNoFeaturedItemCreated function| getQueryParams function| refreshGoogleAds function| refreshSidebarGoogleAds object| getfeaturedSectionId object| storeSectionInfo function| etb2blog object| b2b_analytics_helpers function| b2b_analytics_core function| b2b_analytics object| b2b_analytics_engines function| setDefaultEngines function| setPageViewEngines function| setEngine function| resetEngines function| send_pageview function| send_virtualpageview function| send_event function| set_user object| b2b_analtics function| renderAds function| renderSideAds object| $obj function| render_featured_sections object| $temp string| $type undefined| $offset undefined| $limit string| $boxid undefined| $params object| $paramsarray string| $ftype object| $featured_section_temp boolean| doLoadHeadlineTesting boolean| headlineScriptLoaded undefined| script object| na object| iBeatPgTrend function| isHeadlineTestingEnabled function| ib_loadHud function| ib_calcPageTimeSpent function| identifyPingFrequency function| getValidatedValue function| logaction function| uuid object| iBeatHeadline function| ib_addDefaultListener function| ib_addbeforeUnloadEvent function| ib_eventReceived number| fallbackTimer number| totalTimeSpentNow number| totalActiveTimeNow string| COLOMBIA_ID string| DEVICE_TYPE string| SID string| DOMAIN object| $cr object| $crr function| $cr.handleCentralSsoCallBack() object| commonJsStrict function| Croppie boolean| isGTMFired object| b2b_gtm_analytics function| EXIF object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| SlikeLoader object| spl object| times object| retrievePromise object| head object| style object| newsletterResponse object| ggeac object| google_tag_data object| google_tag_manager function| grx string| GoogleAnalyticsObject string| _linkedin_data_partner_id object| growthRxPageViewObj object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk object| default_gsi object| __G_ID_CLIENT__ object| closure_lm_430175 object| closure_lm_709057 object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| $returnFDataGrouped function| onYouTubeIframeAPIReady object| google_optimize string| $activeSubscription object| $data object| $tempuniquega object| $this object| secnamearray function| myFunction function| contentAdded function| isFacebookApp function| close_pop_up function| send_token function| send_notification function| get_pop_up function| addScrollFunction object| stickyNav number| layer2width1 object| sidebarElm object| readMap string| primeFlag string| newsAgencyName undefined| byLine function| contentDetailAdded function| update_news_views function| heightBalance undefined| newsMsid object| loginLayerSession function| showBtnBeforeSubs function| showBtnAfterSubs function| showViewInApp function| showLoginLayeronArticle function| storeSessionID function| appDeepLinkGenerator object| $article object| $datag object| $datap string| $mod string| $pos string| $prmskstr object| $prmsk string| $datapk number| $datapv string| $datastr undefined| $isPip object| yolonotification function| getParameterFromURL function| getMediaSourceValue function| getCampaignValue function| stringifyAfParameters function| setGenericParameter object| AF object| GoogleGcLKhOms object| $skinningdivobj object| $containerdivobj object| $returnFData object| FB object| __buffer number| reqFlag object| google_image_requests object| inpagePromoItems function| inPagePromoIncreaseRendererdCount object| etb2binpage number| in_page_promo_rendered_within_article function| inPageCheckAuthorCarouselControl

31 Cookies

Domain/Path Name / Value
ciso.economictimes.indiatimes.com/ Name: PHPSESSID
Value: 4c35126438769944d5b70157463fc00f
.economictimes.indiatimes.com/ Name: ak_bmsc
Value: 1606C498E4231B17F221F513CD8B8FAF~000000000000000000000000000000~YAAQp1gDF5cdaeSDAQAAmafb9BFXFQm5LTTuQ4yqRFAVLDa1J/AdgT0Lt7Jg/ug8N7wASBtB92M0rZrVyIdvXOtImXHd7p3DIQbPQfcr/PgsorrwzA4L4YTIQObZS6s8jWfyAC9vd1bWipz+LoMB59V7b4I0x/YITDE6yM6J/UOjBdPjzjV9rLYF5TnBtoFJxa5TRQAOdIc3I1brbXl1uyaIjWZgmEU4MZi4nCSYHRZ3Vc0W5BaWcqSsM5Wocgapeq4F4KKWmYCew8D6/52JO/QHttfEBEnbSeL/cg/9C/WH9I4bGvsnVK3g/zl77hqzZCxNQao8tUxxK1352dK/Q279MPgEaCmRXmTMNglUFhedEJ9YKGv5/H/yOVi6dIMdhEgVRi3yk7u4uwk23Q+ly1LygjAQVUbqjFdK3P99MPPTrME=
.indiatimes.com/ Name: fpid
Value: dd14d3a96eaa1c594172030a04828aeb1666260380
.economictimes.indiatimes.com/ Name: OS_CLIENT_ID
Value: 0690faf5-bc20-4dda-922e-365ac47ff0ce
ciso.economictimes.indiatimes.com/ Name: _iibeat_session
Value: c7c2f7d8-bc8a-42bd-b5dd-e4fd6d3223a5
ciso.economictimes.indiatimes.com/ Name: _iibeat_vt
Value: 20220920
.indiatimes.com/ Name: incg
Value: 1
.clmbtech.com/ Name: _col_uuid
Value: 8c068928-f9e2-43fd-97b2-ad8bf70ccc97-10tzk
.indiatimes.com/ Name: _gcl_au
Value: 1.1.677315719.1666260380
.indiatimes.com/ Name: _grx
Value: f47d4f53-dba5-4e1c-a32b-44622d522c3c
.indiatimes.com/ Name: _grxs
Value: 9cc31925-57b9-48ca-b620-d223b0190ff6
.indiatimes.com/ Name: deviceid
Value: dgosbwmosl1yegfzo7i7tu2dj
.indiatimes.com/ Name: lgc_deviceid
Value: dgosbwmosl1yegfzo7i7tu2dj
.indiatimes.com/ Name: _gid
Value: GA1.2.1485663474.1666260381
.indiatimes.com/ Name: _gat_UA-5594188-46
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQLTGanmq0i1YAAAAYP026vZ30ne0Q6-5yy_EAaOXnF97bTJ1LqcG4RPROyoFU5NigxtUSzgJml3Pw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJeO1Md9aan8gAAAYP026vZ6c3MEZ4WwlQQXu8MIVR7u2xju2tsCAD2bW59KiTtYEfBnrWXnQ-u4fiJh2YKfw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&880c3958-f38c-4458-85f3-f572794d8bc3"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2738:u=1:x=1:i=1666260380:t=1666346780:v=2:sig=AQFGbhvc9Vpwbrj0SzThZRzwgzBEo7eA"
.indiatimes.com/ Name: pfuuid
Value: 1696677608295727
.indiatimes.com/ Name: _ga_JQSEJYYECH
Value: GS1.1.1666260380.1.0.1666260380.60.0.0
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202210201006208b997f75-b69f-4eb5-8c2b-651ab1754404AQGEU12LvkTMSDKvOrpvadTg1RuD8BF-"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjYyNjAzODA7MjswMjH7b3CwlftqA2nOhGRGjtdA6aM+L/K9j5kYnLPpqrdcrw==
.economictimes.indiatimes.com/ Name: b2b_newslettersubs
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUluLA3SNRG8l9uXsS_X9GIWiyd7NPULAVLjrVJ7FnkMk5v7OCYQKHsmRR9U0l4
.indiatimes.com/ Name: __gads
Value: ID=9708527bdc18a130:T=1666260380:S=ALNI_MbyEgpudAsJfPPDieG5fAO-COVXCg
.indiatimes.com/ Name: __gpi
Value: UID=00000b75a98cfb13:T=1666260380:RT=1666260380:S=ALNI_MbRY20wZ5XkWd3zW4nrl9J76-OaTQ
.indiatimes.com/ Name: _ga
Value: GA1.2.1260255014.1666260381
.economictimes.indiatimes.com/ Name: bm_sv
Value: CCF1AE68BFC0458054536542B5AC6AE4~YAAQp1gDF8odaeSDAQAAQbzb9BHtCarrwXbD3lqjKiDCZi/jLqCtrlsuE2KhX2mKWMObj9XETQtMCNkui7JOnQMaPh2jAnAYFiYonTKPHn02lOYJwwpAgpxlzN4cAJJ+ZZnUHs1ymBgwUIEJvbVyUPfRjD6O3Mpt9yeu7lzZ7U7A6i4B32xO7DMvs/x242cIvaJ+ldEKsLdSstYpTHr8lO/xhjw+JqlknG2zPy8ylHhGC/rqK74S5Wx5vgGafJJs7niQzQeQQ47Oq8t2whlyDS7G~1

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://img.etb2bimg.com/imgv2/width-100,height-100,resize_mode-3/cpsbranding_logo-1589774513.png_(500%C3%97295)_-_2020-05-18_09.30.41.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a85f59ba8d899b4509648cbc099bc355.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
agi-static.indiatimes.com
api.growthrx.in
api.ibeat-analytics.com
ase.clmbtech.com
cdnjs.cloudflare.com
ciso.economictimes.indiatimes.com
connect.facebook.net
csp.withgoogle.com
economictimes.indiatimes.com
etimg.etb2bimg.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idm.economictimes.indiatimes.com
imasdk.googleapis.com
img.etb2bimg.com
js.etb2bimg.com
jsso.indiatimes.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
snap.licdn.com
st.etb2bimg.com
static.clmbtech.com
static.growthrx.in
stats.g.doubleclick.net
tpc.googlesyndication.com
tvid.in
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
accounts.google.com
agi-static.indiatimes.com
idm.economictimes.indiatimes.com
13.107.42.14
13.32.121.21
2001:4860:4802:32::36
223.165.28.18
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2011
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200d
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9c
2a02:26f0:3400:288::3126
2a02:26f0:3400:293::3126
2a02:26f0:3500:16::215:14a0
2a02:26f0:ab00:381::2a5b
2a02:26f0:ab00:3a5::3857
2a02:26f0:ab00:48c::216f
2a02:26f0:ab00::214:8f79
2a02:26f0:ab00::214:8fa8
2a02:26f0:ab00::214:8fb9
2a02:26f0:ab00::214:b492
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
01d9da757be0f6bf9148d6157b5dd4606fe7c1eef6f02303669878260d51eff6
0272cd273e0d456906b9df7935a9e1ce1c5eb0e9fca696dd2e6063e370bc07bf
02bb088217fcf02ceb721e6df8ac18fde8d7641bcc0ee0b2f9cd588c4166f2c1
0339f703d6a1ac47eebb907cb687f4948ac5a7dd4abde8ce0685c168263a7ae1
03b5778d4efa3226bb51c1644af6ed0bf87ae6fd3d9e86c7b7fb3baab1bf409b
0533608ec72f801178eae10b04924775f9ef8243bad5cc5da7bae035f9d869d2
06232fc794d3717a6a5a4a0a76ce013ff455a821a15edec5441c5938cf38567b
116b562aab1ee17740040853ef5a7cbcf020d316a74d6fb296ed65fd7f85b82e
11bdbb5c5f62eae5c6d499f041d419bf46aa2339166a17972fa7366ea70f12e8
1514361e78d69a4b589ec73a16169af7ce398ef324b2c66f84ccdc647440a1c6
16922e0618061c38b2fecdfbe9725bbc3e018f855becf498d30ad8acae59ff21
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
272c592f1ffb0b27d92b955fd395c962af288d9f36e883eaac50fe76ffa1ce04
28ca8d05d8dd90225d55d81f32ec91af1cc4ee076da516f20982d8dc689bfcc5
28fe0374b6c20216ecf826f1315de52fc80c8b34447aa3aa199d9d34e837175a
296cc1f61ac2818eff6c41495554ca50e76665f1ab5209e8d7fcec1dff510be9
29cae34dab991bc7bfaff2aef81ac4b64ddf73d5c59db5d47279166557b8d3ce
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb78a6d31b300800cb7c70d4854f171e1d412073127bd37f678235b373785f3
2d78d730205756ab1b09fa76654c88bf92eb83f3390803c59d1b459943eacb45
2dc57675634b0bb282f72edb7ced2e6fde506cefdb415f7ff05dfa3d3e147406
301bf02d3752acec04b7d988100b04fda872c3fcd1ed452d0c92a2499cd7950a
33a5d89b90a9479aa2d18dd3e709c164ad4195f3b0db9be6ce3132a0e00bf2b4
33ca3dbaa9c05513815a8dffd991d22091be6476da41da658c92cbbdda5e29c2
3527591ed715834f6b6fffdb9dc84f6e387923236c15ba7c582a89c752f4d395
369623135a22ccbfc41ec2503ee478e49bdaedd026546f7554bc4fc7fe3a0c64
3787e13f42f694ac50240a3327f7817af201adffeb35e1e731b736ea32af0386
3d79fa85221425b43468845708b86a8aa34906187b2066c33135fdb400de6732
442d7d9e218bf498f058ec524d8cb7d64e792ba821e3ac263e3a9cac7e283f17
44cd48eb1bf52aece27e0478150f0a9ffec6cc5e96f927afe8f58429d27fe381
453432f153a63654fa6f63c846eaf7ee9e8910165413ba3cc0f80cbeed7c302e
5096bc3e53da3f4e187d8bccc5b30e1822924c0c095c978645defa260b91f0f0
5175d9999434689350305aa94d1c932bd7aa76c471f9e0b14cf12a68fcc1fde3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
5b632285a1f3548edc876c374765bb1274df389811f5600290d05307a555bbf8
5d9b83bd803879ea66c7c89de72d3ab611d4601505bfe149c3bd96731224346e
603558319c899719f5efd9f2be431275a3248e869353d0a22d47ae4d227ea2cc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
666dad8f839be8cc969e4246e38b6115fb6c4bd638673156602202a9ce8a4020
667b3add8fe72e415c9a00d5c3d42b450f8c9c0f8dd7b01eb1074b51466750df
68cde42fd37050ecd96d87949f34f73a64742abfe396f7bf7c20363e6e98cf6c
6a92fa3b91d3301f89ca1486081f7ecb4ed9965d697c2069a59a67256ce7b42a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3df48d93c5f9ec0ae12ba62ddfff02f0cacb46fa84435d50f962829d8e9995
71bad20495ab3c839083689effb9583786a18684d47dbdef623b117822d486ab
71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f
73cee42bc8ca5ef317327ba4bff13b7fbb69080967cc93d43f676e2b14f5c419
78cc995be7d55f5dec66a8873360fbff9e548814617fa693039f382a164d5f84
80d3f16bc7d23747b230a4686d1291327a00298840cbe49649a783eab0eec6de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851349cec283872569de96039c36940176ff862197cfab5fb120e23605222571
8719d96c77f887ea9b3b139dce98f0b2aa072ab557fc0ac24f9466dc7b3f3d2a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a37492336f75b0e173b20239f8e44bd89d27e739942cae7ef555b6b7a50bf9e
8b225e6ef02ebae8cfb985af7f12963e29b5c025f923ed4a8711d3214963b1a4
90e760642397f739af2c7a755bef32fbb78cf18bc20b1613a615cd684e3d10ab
9372f8c6aa5c13e6d9d7ecc1b3adb287a8261211946c7a35d0c105cf9585dba0
99b06eaa2f43d5c4654a11824da6f27b9821d51720d1d54ab3ebdba6392ed37f
9a8a2bc53281d42a7abad29a5957ea3728a3d75cf30879f2a6299a985d814767
a05c4612438161f805009c1c7b6575de341c6198a7e025b41f534528702346f9
a1abd88ea651bde8b1439dd6ec1be79807689cb794d96612a1eb65f503066556
a1ed103c4dc4766679dd8fb15f991d7e439dbdec7ccbd28041e2a5721dcafcd9
a32b8f867679bdae90615c15f5c3b0aa1ddc3f758c29f6b03976e00c5dad1bc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d662654682668b884271c2e97553d582be40c77d12b748d00db7b8a4e1cdda
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
abd4c2ba69f4e75099d7d64effd1b0afd89f88e311e772e2fa4d6685b62dae2b
ada6984e475088956fad66369980da3152edb9427e941621a8d42c903dfa5d4e
ae0565a599a56de1a6ac24b31471a92f53a741bd4b2c7c421c29a59460e4d9e5
afd0292ab2ab81231e6986c436206bade5cc4b584fc66be5a7ff447829a2c20d
b03052d31617d58fefffc77d4ae94552e3ac9cb5d345d544332dcfd517a1bec9
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b7c2ed8f6679fccdeede656c4c23453cea03a7732b0c1a377d16272ef3dae25c
b80fb361fcb0aa10ac2b6b5972639211431b5e4bcec94e3c48437dece7edff89
b8d23ae5cb5c40b8ce90ebd2b6b05b921db983771679bfb853848b052e3b9ebf
bcba904a8fde4c447d76f8f786ddc5e11f8d7ed3d0e4822a78d6e442be288bc3
be7e33e2a21b9c1766214f8fee6f4d1236b4b275aafccd8c5e452b7cbe539eb5
bfaf5faf03f19e6cf5d6a0b023acb53e196687190aeb4f922c6d7d073da63f29
c11a95812e22f788011f278b115246de2493f98c8acbe3bef3df04fae4294c97
c1decb9a62362c396d81e5234ed8a1d3463eebc06eb93b9bbafd65e08acba096
c442c5505279ba9b8dfe6bf548b2930ace9540cc2e025fcdee7f1e5987064cde
c4a4ff8e5c9e9a13a8d4a125b389cc055a7b1f5c12ee7c7f6ac558b565e44c99
ce5f1ffa9358bc544e797beafb2c6f07cd316a88b3dd9b977d1c05443d6d30e4
d33199a5cabfda5d0bf95aea9b5e5e29aa1e497f489ba0c7ee666992bf8ce83e
d443ac5dc3312c866410bb6708ef591e5003233cdcb12b5782bb2519f3a77253
d62ab134d71cdadaf6c251d7afee2acac3cf0a47058c68ea7792a266aca8c20d
d8af83aaec3d4c09d9c9b91b677ee43699d18e6b2655cf0e0343cc047a327c58
d91624ef2453616b28f59b6fdad951957ed0ce8bd1193a895acd3d5535067eb9
dc0451e823795cff58b64c62bbefea508e019863f2c7abf9c2c83670699ac90d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff44c850f488b29134037eb3abbf21164bbeed526b0542dd3c6de54fab65792
e13d9150ae99e914aeaae56f8d4bbbf343b335915133718e6b035d1109f39789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9564a6d89aa80323a64b196234966732023eaecd3ccb31e3e6cae034a76eea5
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ebff8e3fa7a91e7935e25e9559e903cb1862c455511a6bde9e0f9284746784bf
eeee9d420cc3ad81051d806fba551879f223cfbeedfa17ad9f17d1cafadf4226
ef0cb5e17b0fc2499ed96e9fa47cda0df277616df31beab481b177526d3c3d13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef83971794dbc8a3fb5bc55aa7bad6d4dc46d52ef14f948d3b9482557f74673a
fa03a0aa0825c718607bfaa226bfd6e8d903a3c637bd38a9165b31c125961510
faf7aa1bfec0e1c34ec00fcbf6894ee5c27cd1f9a2212b1bf39ed08d69cec3ee
fc59bb451bfa9167bf632b834dd4ec549c604daab95e43b551f2db6d8208fdaa
fde0c4ae58598a94465a32e83c7796e6aa964c2096b58e0855e6bfbddd3e8b95