www.timesnownews.com Open in urlscan Pro
2a02:26f0:1700:5::5f65:1b4b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-detai...
Submission: On April 08 via api (April 8th 2023, 3:57:15 am UTC) from IN — Scanned from DE

Summary HTTP 287 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 75 IPs in 9 countries across 50 domains to perform 287 HTTP transactions. The main IP is 2a02:26f0:1700:5::5f65:1b4b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.timesnownews.com. The Cisco Umbrella rank of the primary domain is 80064.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.

This is the only time www.timesnownews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:e::210:f10e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:480... 2a02:26f0:480:c::210:f198	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:393::2a5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:9600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	18.64.94.60 18.64.94.60	16509 (AMAZON-02) (AMAZON-02)
3	104.36.113.67 104.36.113.67	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	178.32.210.227 178.32.210.227	16276 (OVH) (OVH)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 4	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.44.158.125 52.44.158.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:170... 2a02:26f0:1700:78f::3857	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:64:... 2a02:26f0:64:681::3621	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:170... 2a02:26f0:1700:5::5f65:1b52	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:c::210:f1a2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3 16	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
12 14	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 8	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
2 2	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.228.175 2.19.228.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	104.36.113.112 104.36.113.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:39b1:7ee6:8530:823e	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:eb89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3 33	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5 5	54.220.57.170 54.220.57.170	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	54.154.21.107 54.154.21.107	16509 (AMAZON-02) (AMAZON-02)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	35.171.222.142 35.171.222.142	14618 (AMAZON-AES) (AMAZON-AES)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	104.36.113.111 104.36.113.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1	204.237.133.242 204.237.133.242	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:26f0:480... 2a02:26f0:480:385::3857	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
287	75

33 2a02:26f0:1700:5::5f65:1b4b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.timesnownews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiprod.timesnownews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:e::210:f10e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

onelinksmartscript.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:c::210:f198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.tnn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.ibeat-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:393::2a5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.growthrx.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.94.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-94-60.txl50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.113.67 (United States)

ASN62713 (AS-PUBMATIC, US)

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

timesnetwork-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.32.210.227 (France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu

www18.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.158.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-158-125.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:1700:78f::3857 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tvid.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:681::3621 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jssocdn.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:5::5f65:1b52 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

geoapi.tnn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:c::210:f1a2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jsso.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.16.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.46.155.104 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Meaux, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.175 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-175.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.112 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:39b1:7ee6:8530:823e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb89 (United States)

ASN13335 (CLOUDFLARENET, US)

img.rtbsystem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.220.57.170 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-57-170.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.21.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-21-107.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.222.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-222-142.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.242 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:385::3857 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

agi-static.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com 3 redirects f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	367 KB
33	timesnownews.com www.timesnownews.com — Cisco Umbrella Rank: 80064 apiprod.timesnownews.com — Cisco Umbrella Rank: 425284	841 KB
28	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	275 KB
21	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	386 KB
18	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8594 c.mgid.com — Cisco Umbrella Rank: 5670 cdn.mgid.com — Cisco Umbrella Rank: 11443 servicer.mgid.com — Cisco Umbrella Rank: 8526 s-img.mgid.com — Cisco Umbrella Rank: 5087	262 KB
16	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569 dsum.casalemedia.com — Cisco Umbrella Rank: 1418	14 KB
15	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 s.amazon-adsystem.com — Cisco Umbrella Rank: 301 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 964	68 KB
15	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 509 ow.pubmatic.com — Cisco Umbrella Rank: 3384 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 image6.pubmatic.com — Cisco Umbrella Rank: 779 image2.pubmatic.com — Cisco Umbrella Rank: 999 simage2.pubmatic.com — Cisco Umbrella Rank: 733 image4.pubmatic.com — Cisco Umbrella Rank: 1076 t.pubmatic.com — Cisco Umbrella Rank: 3882 simage4.pubmatic.com — Cisco Umbrella Rank: 1232	182 KB
14	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90 accounts.google.com — Cisco Umbrella Rank: 87	80 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 574 pixel.rubiconproject.com — Cisco Umbrella Rank: 340	16 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	218 KB
7	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 473 fonts.googleapis.com — Cisco Umbrella Rank: 47	126 KB
6	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	3 KB
6	smartadserver.com 1 redirects www18.smartadserver.com — Cisco Umbrella Rank: 43720 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604	3 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 552	2 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	1 KB
5	tvid.in tvid.in — Cisco Umbrella Rank: 63147	186 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	20 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	21 KB
5	tnn.in static.tnn.in — Cisco Umbrella Rank: 111763 geoapi.tnn.in — Cisco Umbrella Rank: 492208	36 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	195 KB
4	indiatimes.com jssocdn.indiatimes.com — Cisco Umbrella Rank: 77236 jsso.indiatimes.com — Cisco Umbrella Rank: 43319 agi-static.indiatimes.com — Cisco Umbrella Rank: 67128	15 KB
3	rtbsystem.org img.rtbsystem.org — Cisco Umbrella Rank: 35819	259 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 652	905 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1542 mab.chartbeat.com — Cisco Umbrella Rank: 2438	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	124 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17139	69 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 793 syndication.twitter.com — Cisco Umbrella Rank: 1106	132 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 387	734 B
2	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 805 id.crwdcntrl.net — Cisco Umbrella Rank: 1729	586 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 650 cdn.indexww.com — Cisco Umbrella Rank: 1561	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 561	618 B
2	google.de www.google.de — Cisco Umbrella Rank: 5216 adservice.google.de — Cisco Umbrella Rank: 7832	939 B
2	openx.net timesnetwork-d.openx.net — Cisco Umbrella Rank: 910042 u.openx.net — Cisco Umbrella Rank: 651	473 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 8229 www.instagram.com — Cisco Umbrella Rank: 1195	20 KB
1	ibeat-analytics.com api.ibeat-analytics.com — Cisco Umbrella Rank: 52184	403 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1429	254 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 913	518 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 804	610 B
1	thrtle.com thrtle.com — Cisco Umbrella Rank: 1318
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 578	664 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 400	865 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 23702	268 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1623	281 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 855	757 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1231	201 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1399	394 B
1	growthrx.in static.growthrx.in — Cisco Umbrella Rank: 59078	14 KB
1	appsflyer.com onelinksmartscript.appsflyer.com — Cisco Umbrella Rank: 50976	19 KB
287	50

	Domain	Requested by
33	tpc.googlesyndication.com	3 redirects www.timesnownews.com f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
32	www.timesnownews.com	www.timesnownews.com
14	cm.g.doubleclick.net	12 redirects www.timesnownews.com
10	pagead2.googlesyndication.com	www.timesnownews.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
10	www.google.com	2 redirects www.timesnownews.com f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	www.timesnownews.com securepubads.g.doubleclick.net
8	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com www.timesnownews.com ads.pubmatic.com
6	www.gstatic.com	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com www.timesnownews.com
6	fonts.googleapis.com	securepubads.g.doubleclick.net f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com www.timesnownews.com
6	s-img.mgid.com	www.timesnownews.com
5	fonts.gstatic.com	fonts.googleapis.com
5	match.prod.bidr.io	5 redirects
5	pixel.rubiconproject.com	3 redirects www.timesnownews.com
5	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	match.adsrvr.org	ssum-sec.casalemedia.com www.timesnownews.com ads.pubmatic.com
5	cdn.mgid.com	www.timesnownews.com
5	ssum-sec.casalemedia.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com js-sec.indexww.com
5	tvid.in	www.timesnownews.com tvid.in
5	www18.smartadserver.com	ads.pubmatic.com
4	encrypted-tbn2.gstatic.com	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
4	www.googletagservices.com	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com www.timesnownews.com
4	token.rubiconproject.com	4 redirects
4	jsc.mgid.com	www.timesnownews.com jsc.mgid.com
4	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com
4	static.tnn.in	www.timesnownews.com
3	googleads.g.doubleclick.net	www.timesnownews.com f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
3	encrypted-tbn1.gstatic.com	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
3	encrypted-tbn0.gstatic.com	f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
3	image2.pubmatic.com	ads.pubmatic.com
3	aax-eu.amazon-adsystem.com	2 redirects www.timesnownews.com
3	accounts.google.com	www.timesnownews.com accounts.google.com
3	img.rtbsystem.org	www.timesnownews.com
3	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
3	ups.analytics.yahoo.com	3 redirects
3	sync-tm.everesttech.net	2 redirects ads.pubmatic.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.timesnownews.com
3	ow.pubmatic.com	ads.pubmatic.com ssum-sec.casalemedia.com
3	www.googletagmanager.com	www.timesnownews.com
3	cdn.izooto.com	www.timesnownews.com cdn.izooto.com
3	c.amazon-adsystem.com	www.timesnownews.com c.amazon-adsystem.com
3	ads.pubmatic.com	www.timesnownews.com ads.pubmatic.com
2	eb2.3lift.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	b1sync.zemanta.com	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	jsso.indiatimes.com	jssocdn.indiatimes.com
2	region1.google-analytics.com	www.googletagmanager.com
2	static.chartbeat.com	www.timesnownews.com
2	sb.scorecardresearch.com	www.timesnownews.com
2	platform.twitter.com	www.timesnownews.com platform.twitter.com
1	api.ibeat-analytics.com
1	agi-static.indiatimes.com	www.timesnownews.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	thrtle.com	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	px.ads.linkedin.com	www.timesnownews.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	image6.pubmatic.com	ads.pubmatic.com
1	imasdk.googleapis.com	www.timesnownews.com
1	acdn.adnxs.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	js-sec.indexww.com	ads.pubmatic.com
1	sync.adotmob.com	1 redirects
1	p.rfihub.com	1 redirects
1	c.mgid.com	jsc.mgid.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.timesnownews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	apiprod.timesnownews.com	www.timesnownews.com
1	geoapi.tnn.in	www.timesnownews.com
1	jssocdn.indiatimes.com	www.timesnownews.com
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.timesnownews.com
1	a.teads.tv	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	timesnetwork-d.openx.net	ads.pubmatic.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	static.growthrx.in	www.timesnownews.com
1	onelinksmartscript.appsflyer.com	www.timesnownews.com
1	www.instagram.com	www.timesnownews.com
1	platform.instagram.com	1 redirects
287	97

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.letstalkgrowth.co.in
indiadigitalfest.in
www.linkedin.com
wa.me
news.google.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
vkfeed.indiatimes.com R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
www.torqus.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
data.indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
samayam.indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-31` - `2024-04-03`	a year	crt.sh
indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-10` - `2023-07-11`	a year	crt.sh
jsso.indiatimes.com Thawte TLS RSA CA G1	`2023-02-13` - `2024-01-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-02-15` - `2023-05-17`	3 months	crt.sh
npepaper.indiatimes.com R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Frame ID: 781779318032EA05E63A8F2FE19D7846
Requests: 134 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: CEB58C6250BA9EDCEC614BB13A1A8402
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com
Frame ID: 864951F08A1173EF51990B996A09B700
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Frame ID: E0A4A3CB5EC71D83F62AB2BC0B49FE50
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AF27D82FD4C854C5E40D0A83E2E0C3FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DAB158A79374B109DDACC2F1A69DA0DE
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D38239A02D00A601E89FE5AEA70F3CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Frame ID: CE8D898D8E357C93BD61A0853D433CF7
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 63754717F018B72B1A0B8DC9EF2055A3
Requests: 3 HTTP requests in this frame

Frame: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D4E5CBFB628C9C4EC37E0E405D8B0D8C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AAC38D24DEC877F4B34EE383CBCE9E1D
Requests: 10 HTTP requests in this frame

Frame: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3D63CB2E16E97D263E0DEC788BA8753
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151621000/amp4ads-v0.mjs
Frame ID: 8BC61B92B3E3A8996EED1EBFBD85F637
Requests: 13 HTTP requests in this frame

Frame: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27323D61B479E4C4A656FEF0EEF79AC9
Requests: 16 HTTP requests in this frame

Frame: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D30834E6DBA0C73465ECB59798AC2C52
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151621000/amp4ads-v0.mjs
Frame ID: 2EA68CC20F4CAD43E47905067572A359
Requests: 15 HTTP requests in this frame

Frame: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C45594E9A72434B4313EB5F7F090444B
Requests: 5 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: E95C8C1E2C534791CEE9C1195BCF9D17
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&redir=true&gdpr=0&gdpr_consent=
Frame ID: B013FADEAF521BF30DEA60B265C5FA06
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQh07IYcwAACFHtdEdag&gdpr=0&gdpr_consent=
Frame ID: 3ED4C7C9844899A64C5F8C1A286AF2CB
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9883B714199DBEE1DD70689E8BDDBBFD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA385A158811E9138CB3C00224CFAEEB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 01CE5D2C70F225BF666211DA93FE3111
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: F90999CC292DE5A6FC61DEE1A84FFFAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 627F28C16F9BCF1401B0388DF372E558
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 22B470A5E82C12E0F91E0C14AE11318D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A257BB9A790D9F4F9AE36ABFEB767759
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE0B51093C4CC1F0A0561A26D4F0FB5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Mail Sent To Noida News Channel Claims Plot To Assassinate PM Modi, UP CM Yogi — DETAILS | India News, Times Now

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

287
Requests

86 %
HTTPS

52 %
IPv6

50
Domains

97
Subdomains

75
IPs

9
Countries

3973 kB
Transfer

11114 kB
Size

58
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Timesnow

Search URL Search Domain Scan URL

URL: https://twitter.com/timesnow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/timesnow

Search URL Search Domain Scan URL

URL: https://www.letstalkgrowth.co.in/?utm_source=timesnownews&utm_medium=homepagegroup
Title: Let’s Talk Growth

Search URL Search Domain Scan URL

URL: https://indiadigitalfest.in/
Title: IDF

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi,%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS&url=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK-p_Qowq-D0Ag?hl=en-IN&gl=IN&ceid=IN:en
Title: Follow us on: News

Search URL Search Domain Scan URL

URL: https://apps.apple.com/in/app/times-network/id979120111

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.timesnowmobile.TimesNow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 92

https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwGO5n-nAg3A16FUJtkhc&google_cver=1

Request Chain 102

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 103

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588524137690406

Request Chain 104

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 105

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZDDmDQABKdt0EABL HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZDDmDQABKdt0EABL&_test=ZDDmDQABKdt0EABL

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI6jyG4mHgmZfQWjbzetvz4&google_cver=1

Request Chain 129

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2

Request Chain 131

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 132

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0a766dd0-17ee-47da-a0ef-7223189eab60

Request Chain 133

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=818824508118379394

Request Chain 134

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB?us_privacy=

Request Chain 154

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEc3RzJMMDMtMUQtMzBGRQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGgrVwEeFDhBhUBoIXgaCI0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc3RzJMMDMtMUQtMzBGRQ==&google_push=

Request Chain 155

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/CNcBJFtERXxOs4OKzN-yJcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VJnSDT1E2oJiyNquTCy8LH8x7tumTCELHSJ96g--~A

Request Chain 156

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG7G2L03-1D-30FE

Request Chain 157

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0MkRPu1VStulEeFaZW8v0g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0MkRPu1VStulEeFaZW8v0g

Request Chain 158

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiNmRlZWU0NGUxMTI2YjgwYjgzODkyMjM1Yzc1YjUyODFjM2NhYw

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE_zhPu75QVJ4GXq3FR6mjg&google_cver=1

Request Chain 160

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fSrCwZ6XS_u-1yuRFcnxyg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fSrCwZ6XS_u-1yuRFcnxyg

Request Chain 193

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUWgwN0lZY3dBQUNGSHRkRWRhZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFQh07IYcwAACFHtdEdag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFQh07IYcwAACFHtdEdag&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFQh07IYcwAACFHtdEdag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7502919708882472317&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQh07IYcwAACFHtdEdag&gdpr=0&gdpr_consent=

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yh9C152jRtiM4Gh3SuWqhA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 196

https://eb2.3lift.com/xuid?mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0ExRjQyRDctOURBMy00NkQ4LThDRTAtNjg3NzRBRTVBQTg0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELceS_-HxWGA5LvPKEORJ0Q&google_cver=1

Request Chain 201

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2344634454930398067&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 203

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oEF7ZqlE2uVQJpz8Ujc65UteNZTdSYo-~A&gdpr=0

Request Chain 250

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCIgOD4wAEQ9AQY9AQyCI-zxDEN_2uG HTTP 301
https://tpc.googlesyndication.com/simgad/9476004575568886091

Request Chain 254

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAmoD17AEQlgEYlgEyCPPmLLBZeJQa HTTP 301
https://tpc.googlesyndication.com/simgad/5124784873045547656

Request Chain 256

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPy-HUQRD0Axj0AzIIEFFLLFZFNqg HTTP 301
https://tpc.googlesyndication.com/simgad/9794754301439884368

Request Chain 259

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

287 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585 Show response
www.timesnownews.com/india/ 491 KB
107 KB 799ms
731ms Document
text/html 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

eb87c2084b300197548fa2cc2a57245397503e02f88e9b322922a6ae08c8c3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 109363
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 03:57:00 GMT
expires: Sat, 08 Apr 2023 03:57:00 GMT
pragma: no-cache
server: Bhoot
strict-transport-security: max-age=25920000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-response-time: 186.488ms
x-xss-protection: 1; mode=block

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

125ms
69ms

Script
application/x-javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a10e8022a6d12d036830dad50fe745b3b3f3247072c91be1ff1b9988f360f3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-md5: N5U9ONf1d3pojy1tFsooIw==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19434
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: odKR43xT0G01RLL535+cVaXLrgEYmHtswbu9AHKU+DUhJSl+I4+6A3JohUNvxOzHMh6nJK9ak8y8K9Avj3DCZg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 49c0cf3826f8b5c5fb0d5a7be69d6156
cross-origin-opener-policy: same-origin-allow-popups
etag: "59a03b7c66784d407b8a5c7d18aa3d0b"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 08 Apr 2023 04:17:00 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Sat, 08 Apr 2023 03:57:00 GMT
x-fb-trip-id: 1425083115
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 404ms
101ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0D) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 03:57:00 GMT
Content-Encoding: gzip
Age: 532
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (nyb/1D0D)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 dfpamzn.js Show response
www.timesnownews.com/ 6 KB
2 KB 25ms
24ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/dfpamzn.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a741eb6a7948e21ae14aa87a17470a79a9a7a64df4a0993a42fa7f0b9ed83ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 2088
x-xss-protection: 1; mode=block
x-response-time: 1.366ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"1957-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
25 KB 134ms
74ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ec84c5bd59f05ee9796b8e2044825dd5bcb9fa01eb02ea8298bb87fcab764ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25581
x-xss-protection: 0
server: cafe
etag: 737 / 19455 / m202304030101 / config-hash: 6582030280907361967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156537/445/ 526 KB
156 KB 108ms
29ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0dd73964e0d701c6ed31ada67ddfa6d69c4be7fca2bbe878994022549d2865c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 06:09:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=113916
accept-ranges: bytes
content-length: 158539
expires: Sun, 09 Apr 2023 11:35:36 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 75ms
23ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:30:45 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 20:18:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1576
x-amz-server-side-encryption: AES256
etag: W/"f3bdba5d8011fb0ade3d89050f53abe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: YZapIyPEDsMrHa0URg8QI_Ny2I2lEuP5-Ocs0T0m6ibH0VfRVN-1-A==

GET
H2 200 onelink-smart-script-latest.js Show response
onelinksmartscript.appsflyer.com/ 86 KB
19 KB 136ms
42ms Script
application/javascript 2a02:26f0:480:e::210:f10e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onelinksmartscript.appsflyer.com/onelink-smart-script-latest.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f10e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ef23651da5043776c8f1da1d593e3a7ce538b0d7706c0961a1687487deb647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 06:15:26 GMT
server: AmazonS3
x-amz-request-id: GHC124VDD4NTTFFA
etag: "3f486fde5fea2b89826d0348b68f8f47"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 19555
x-amz-id-2: Yr/7gwHkArsJPceeKklZYNoBNY7EPj35L9+z0TAtRvca6/vFCeHM+1QmeKaWpL4ud4zWlr4D2Vg=
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 india-flag.png
www.timesnownews.com/assets/images/ 599 B
888 B 25ms
25ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/india-flag.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

72f100a2a6a7cd2ccef3e79dbf46b5fa2821daf411ffd8e6429e4e6e62b26dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 16.462ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"257-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 599
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 sprite-global.svg
www.timesnownews.com/assets/icons/svg/ 92 KB
30 KB 22ms
22ms Other
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/assets/icons/svg/sprite-global.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

66019a14c7a446b614109364529f0fc53ebf28e9dafcd3771121e19bfc50270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 30561
x-xss-protection: 1; mode=block
x-response-time: 0.826ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"17076-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 logo-large.svg
www.timesnownews.com/assets/icons/svg/ 6 KB
3 KB 28ms
26ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/logo-large.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

80c1e1ac3c87115854e5bceffdf916959fb9278e9782dfb3124abe2b7dfb0379

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 2812
x-xss-protection: 1; mode=block
x-response-time: 0.718ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"16c5-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 short-video-logo.svg
www.timesnownews.com/assets/images/ 11 KB
5 KB 30ms
28ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/short-video-logo.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bdbaf7ad9623cbf4cf34c4748d7ac5d760097fde17b3f46a3ae8fd3fc35d7bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 4446
x-xss-protection: 1; mode=block
x-response-time: 7.598ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2c66-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 shorts-outline-Black.gif
www.timesnownews.com/assets/images/ 72 KB
73 KB 31ms
29ms Image
image/gif 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/shorts-outline-Black.gif

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

7a45e54b3007cf827926980231002644b7a75614e07febdecf41ed6ea47be063

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 16.775ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"120dc-185ce204338"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 73948
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 99287701.jpg
static.tnn.in/photo/msid-99287701,imgsize-26968,updatedat-1680761329989,width-1280,height-720,resizemode-75/ 22 KB
22 KB 270ms
156ms Image
image/webp 2a02:26f0:480:c::210:f198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/photo/msid-99287701,imgsize-26968,updatedat-1680761329989,width-1280,height-720,resizemode-75/99287701.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a9c59d428ca2f246581987e8e3132db0c62e7e4ee64b823779940a2db0a32f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 26968
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31393154
server-timing: cdn-cache; desc=HIT, edge; dur=121, ak_p; desc="466923_34664536_38829771_12040_1209_33_0";dur=1
appgn: 17224409301231680761365959
content-length: 22272
x-xss-protection: 1; mode=block, 1; mode=block
expires: Fri, 05 Apr 2024 12:16:14 GMT

GET
H2 200 88386381.jpg
static.tnn.in/photo/msid-88386381/ 4 KB
5 KB 151ms
37ms Image
image/webp 2a02:26f0:480:c::210:f198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/photo/msid-88386381/88386381.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6d60981e838ab9df007f58e3ab6a742bf6516d84b0204b838502fb951ddfa758

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 38965
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31315046
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466923_34664536_38829775_11_640_33_0";dur=1
appgn: 17224408801231680662159486
content-length: 4124
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 04 Apr 2024 14:34:26 GMT

GET
H2 200 times-now.png
www.timesnownews.com/assets/images/ 714 B
1002 B 29ms
28ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/times-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

731574e91e9031c7cf84fc4eaa7d40a90bd3f0bc513e35ab1f1737c448f3fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 0.929ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2ca-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 714
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 times-now-navbharat.png
www.timesnownews.com/assets/images/ 882 B
1 KB 39ms
38ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/times-now-navbharat.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

46117cd5dd92a7c23f9b9abe02a533f3b625ee59a4d4d5758122c6382516f0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 7.573ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"372-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 882
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 et-now.png
www.timesnownews.com/assets/images/ 706 B
995 B 28ms
27ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/et-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8b0b4cf19e0e192f51a39a51df8b709a1019d01a95115c99396ad7c612f92b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 211.501ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2c2-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 706
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 et-now-swadesh.png
www.timesnownews.com/assets/images/ 939 B
1 KB 28ms
27ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/et-now-swadesh.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a510677284d928d6efbc9b2f3e9d88fe1bc8f0be327da4f8d634a9ff04f573fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 4.566ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"3ab-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 939
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 mirror-now.png
www.timesnownews.com/assets/images/ 735 B
1 KB 46ms
45ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/mirror-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc4c79e8d7f87579fa81d44b5d6bbda4bbe652abd26c90b30d1cd7a4e4451b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 149.634ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2df-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 735
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 app-store-w.png
www.timesnownews.com/assets/images/OpenInApp/ 560 B
848 B 29ms
28ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/OpenInApp/app-store-w.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cf2f763bc558a79479c3151a2459902be51ee91e05806dfc4415f4e14ff66d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 2.365ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"230-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 560
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 play-store.png
www.timesnownews.com/assets/images/OpenInApp/ 725 B
1014 B 29ms
29ms Image
image/png 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/OpenInApp/play-store.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e57a30e2ef18d808a1afa350e0b33e22376ef7a5b341e7d791dbe6486f345882

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 9.649ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2d5-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 725
x-xss-protection: 1; mode=block
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
22ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date: Fri, 07 Apr 2023 21:14:53 GMT
x-amz-cf-pop: FRA56-P6
age: 24128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Apr 2023 21:14:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6QhRAeCrb9uCd1X8jvyg1r6hurARh701vnOI09EBQDBxVggtDe5hqQ==

GET
H2 200 3d276e090487a2efcd98ee2a6127d068ecb86418.js Show response
cdn.izooto.com/scripts/ 1 KB
858 B 75ms
29ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/3d276e090487a2efcd98ee2a6127d068ecb86418.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e038b4db16f5033bdca3ee0ecd9284afaf352695ffa5a32753fc996a12ebdf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 06:46:23 GMT
server: cloudflare
age: 1026634
etag: W/"64213bbf-41f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7b4795701eb6915c-FRA
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 03:57:00 GMT

GET
H2 200 bootstrap.f4e16498.js Show response
www.timesnownews.com/tnnassets/ 19 KB
6 KB 173ms
168ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/bootstrap.f4e16498.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d60b84b7316948dc5d2c9c0e04cba3abcd0900169da2433f6923d8b116293376

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 6253
x-xss-protection: 1; mode=block
x-response-time: 1.194ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"4b19-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 vendors.2410a677.chunk.js Show response
www.timesnownews.com/tnnassets/ 356 KB
116 KB 32ms
27ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

da9d46dc7ae9a2c535b65a6bdf23b7f731bfe6733571fe87cd9655fca86bde08

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 118452
x-xss-protection: 1; mode=block
x-response-time: 0.770ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"591fc-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 client.8c165f2d.chunk.js Show response
www.timesnownews.com/tnnassets/ 256 KB
62 KB 70ms
66ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/client.8c165f2d.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0adb2c0646a607411b429d7f7a35fc778d7c4e2cb1d0c30ca645cd5192f48aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 63056
x-xss-protection: 1; mode=block
x-response-time: 1.374ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"3ff98-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b031591e.95808959.chunk.js Show response
www.timesnownews.com/tnnassets/ 21 KB
8 KB 39ms
34ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b031591e.95808959.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e93b7d5fabcfdc7f2e7966b3d2cfa76f322cc60d65c35d9ae1cfa155431abe7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 7334
x-xss-protection: 1; mode=block
x-response-time: 1.085ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"5412-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js Show response
www.timesnownews.com/tnnassets/ 16 KB
6 KB 35ms
31ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4ad86e4afd6ec129c99738488c425fca45522ddd0231c46564e1e071d59e3048

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 5588
x-xss-protection: 1; mode=block
x-response-time: 3.297ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"40e0-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~6dbcacfe.9d856ab3.chunk.js Show response
www.timesnownews.com/tnnassets/ 20 KB
7 KB 36ms
32ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~6dbcacfe.9d856ab3.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

5ff815c2bbdba8aa147e44311990e054a5021de502e6cd79ffe7d04404ba9ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 6762
x-xss-protection: 1; mode=block
x-response-time: 1.007ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"5070-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js Show response
www.timesnownews.com/tnnassets/ 37 KB
9 KB 35ms
31ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

dd8909252c52dfef05074dcac3a82cfc39a5bd431a45011ec7a205fd4d570b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 9307
x-xss-protection: 1; mode=block
x-response-time: 1.331ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"9454-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 articleshow_desktop.db9a0819.chunk.js Show response
www.timesnownews.com/tnnassets/ 2 MB
357 KB 37ms
33ms Script
application/javascript 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

686f72e90972758db00d6a52914d2a8a5d849d4e12e4e871ca934d0bef17835d

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:00 GMT
content-length: 364239
x-xss-protection: 1; mode=block
x-response-time: 0.919ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"191208-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 89ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64032556-12

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a7027cdab37b77f122020b707c13ae811187252bf88f5a688558dc1d5d76fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46665
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 94ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41565fe65c71db75a8ce0c368e7d2e0b42d71e2998425c1504841d2118e40418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 web-sdk.js Show response
static.growthrx.in/js/v2/ 52 KB
14 KB 411ms
34ms Script
application/javascript 2a02:26f0:480:393::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.growthrx.in/js/v2/web-sdk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:393::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

34b579173efce5b56acd1e45a832614f1ba6889e7898718625eb2f036e855231

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
last-modified: Tue, 04 Apr 2023 18:13:32 GMT
server: Bhoot
etag: W/"642c68cc-cf9f"
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
content-length: 13872
x-xss-protection: 1; mode=block
which-server: vsp4-grx

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 82ms
22ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:32:56 GMT
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 73445
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XSyxjoa4ikb_I2k84DKjPaK-5YfXXpI6kWkc44EuN9PG_2r7K5iGHA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 82ms
24ms Script
application/x-javascript 2600:9000:2057:9600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 9998
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: W0817E__5bIBVJNrm5Na1ItzpM6G5HbhQ_Zg15ZSLl8zFb7lTF_qLg==
expires: Sun, 09 Apr 2023 01:10:22 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 84ms
26ms Script
application/x-javascript 2600:9000:2057:9600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 01:13:30 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 9810
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: WT2OA0SYw6BRFGXVlyREhg7Vvqbb9qjwgyTc5mN8cH07AMn_ZK-sPQ==
expires: Sun, 09 Apr 2023 01:13:30 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
315 B 20ms
20ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.timesnownews.com&pubid=2202a6a5-32cd-4e86-a8b6-48b0a3829463
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 01:21:50 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9310
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.timesnownews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 6PDrjXyG7Gy_kgEQg1I7nWuuiZyQ97us7dhJIMqNKzjxoI3WzfKrag==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/ 396 KB
123 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0ee1b83a672e602c818711d3165f40b3c24571f136a76235b5e01bb542afd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33651
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125778
x-xss-protection: 0
server: cafe
etag: 17784413963224027771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 06 Apr 2024 18:36:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 3 KB
687 B 100ms
56ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a45889dfbf4f434f10608a8ad9bbb501caa4d5e1b07238800528cc2e7ca27a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 662
x-xss-protection: 0
expires: Sat, 08 Apr 2023 03:57:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 283 KB
67 KB 34ms
33ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/3d276e090487a2efcd98ee2a6127d068ecb86418.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb197f6f7bfd999dd8b16f4a17bbb3041d22ab7f8ed146a60cdcfb9190a7979

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 11:24:15 GMT
server: cloudflare
age: 318709
etag: W/"642c08df-46d66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7b4795704ed5915c-FRA
x-xss-protection: 1; mode=block
expires: Mon, 24 Apr 2023 03:57:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 145ms
68ms XHR
text/javascript 18.64.94.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&pid=HEtyMNyK936Yk&cb=0&ws=1600x1200&v=23.331.1910&t=2000&slots=%5B%7B%22sd%22%3A%22div-u-id-1-1-99287585%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-3-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-7-btf_5-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x90%22%2C%22970x90%22%2C%22980x200%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize%22%7D%2C%7B%22sd%22%3A%22out-of-page-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%221x1%22%2C%22336x280%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FROS%2FTN_English_Desktop_ROS_Interstitial%22%7D%5D&pubid=2202a6a5-32cd-4e86-a8b6-48b0a3829463&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.94.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-94-60.txl50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8b4e911b05f0c34bf3d36e7de31e2172.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL50-P3
x-amz-rid: 59KTPHETFSHN6NKXF5HD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -l_cnxyCeMGAon-yGv2JjGoc3FqvJPfrr9iqQqV5SxQ775Mx1WS65A==

POST
H2 200 / Show response
ow.pubmatic.com/cookie_sync/ 318 B
447 B 521ms
169ms XHR
application/json 104.36.113.67
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: df76a18c81c9c3af8d3130e72d5df8ad2a3fcda74526c57bda644469ffd33f7e

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Sat, 08 Apr 2023 03:57:01 GMT
access-control-allow-credentials: true
content-length: 318
content-type: application/json; charset=utf-8

POST
H2 200 auction Show response
ow.pubmatic.com/pbs/openrtb2/ 212 B
299 B 519ms
170ms XHR
application/json 104.36.113.67
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fe16f6ce2698fde7c1103654b0b5d7f39541993822d0d5c92181c4dd629054bd

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Sat, 08 Apr 2023 03:57:01 GMT
access-control-allow-credentials: true
content-length: 212
content-type: application/json

GET
H2 200 arj Show response
timesnetwork-d.openx.net/w/1.0/ 73 B
382 B 98ms
34ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a86b54bb-1375-4e4d-8a71-6118ca9e47af%2C3a5d4dde-4585-439f-b809-017c0619764d%2C5e2f3f9b-5c84-4bb3-a4eb-3da453a751e9%2Ceca6493a-cc00-47dd-aeee-4c8470712547%2Cecec573a-942a-4958-b46e-954b1216bcd7&nocache=1680926220881&aus=728x90%2C970x90%2C980x90%7C300x250%7C300x250%7C300x250%2C300x600%7C728x90%2C980x90%2C970x90%2C980x200&divids=div-u-id-1-1-99287585%2Cdiv-u-id-1-2-0%2Cdiv-u-id-1-3-0%2Cdiv-u-id-1-7-btf_5-0%2Cdiv-u-id-1-5&aucs=%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_Header%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_TOP_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_MID_1_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_Bottom_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_Bottom_Multisize&auid=558907545%2C558907540%2C558907540%2C558907540%2C558907545
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ab716468482877fd517f038b636dd6d7604fbc6f5feaf865b4f6b7eb3a94edf9

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.timesnownews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 106ms
28ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 105ms
28ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 171 B
562 B 181ms
105ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 171 B
562 B 181ms
104ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 104ms
28ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:00 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 704ms
358ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=435
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Sat, 08 Apr 2023 03:57:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 613 B
1 KB 348ms
298ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5b710a6bbba5e00184faf5147ee6f301a3e1b75ffc03dca56f007e5e07a0886c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 08 Apr 2023 03:57:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ff621e31-a4a9-4724-8043-6ac8ee948cb1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.timesnownews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 808 B
3 KB 317ms
211ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17222&site_id=464020&zone_id=2727412&size_id=2%3B15%3B15%3B15%3B2&alt_size_ids=55%3B%3B%3B10%3B55&rf=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&tg_i.pbadslot=%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize&tk_flint=pbjs_lite_v6.29.3&x_source.tid=a86b54bb-1375-4e4d-8a71-6118ca9e47af%3B3a5d4dde-4585-439f-b809-017c0619764d%3B5e2f3f9b-5c84-4bb3-a4eb-3da453a751e9%3Beca6493a-cc00-47dd-aeee-4c8470712547%3Becec573a-942a-4958-b46e-954b1216bcd7&l_pb_bid_id=33c807ad209ba16%3B34c4f303868b177%3B356924e8cba0804%3B36a6398417dc735%3B379be2dca9ffafa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize&slots=5&rand=0.7611259376394537
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 504550e6ee1114c232fac467bb6f5d061f3f88121bdd0650a7a17e836b0e7314

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
394 B 129ms
53ms XHR
application/json 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 22ms
22ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=26200502&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680926220922&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&c8=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&c9=
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:00 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: V3L-Yld8CgxtizKVz_JXQfPwsTirBNS4JIru4DjOkzgbecPCjQjCIA==
x-cache: Miss from cloudfront

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 342ms
112ms Image
image/gif 52.44.158.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=timesnownews.com&p=%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&u=CGsNsVCwLBI4B4DMEF&d=timesnownews.com&g=10538&g0=india&g1=surabhi.shaurya%40timesgroup.com&n=1&f=00001&c=0&x=0&m=0&y=4232&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&b=1160&t=EkFyDMI1n9BG_I-9CSEffJCMbHxX&V=139&i=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20In&tz=0&sn=1&sv=7KUT-CDD3GCCPTas8BrkgDBfJW46&sd=1&im=062b9f3f&_
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.158.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-158-125.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 279 B
559 B 169ms
121ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=timesnownews.com&domain=timesnownews.com&path=%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9feab3fefb0b32e8e59ee33031c8bc3918a76201441080fb072f93133ef9380d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 201
x-served-by: cache-hhn-etou8220025-HHN
x-timer: S1680926221.995442,VS0,VE100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Thu, 06 Apr 2023 03:57:01 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame CEB5 4 KB
1 KB 30ms
29ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1615854
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7b4795710f44915c-FRA
content-encoding: br
content-type: text/html
date: Sat, 08 Apr 2023 03:57:00 GMT
expires: Tue, 09 May 2023 03:57:00 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64032556-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 02:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 08 Apr 2023 04:05:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 86ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-77TJDBEN7S&gtm=45je3430&_p=2038072175&cid=1867847681.1680926221&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680926220&sct=1&seg=0&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 slikeloader.js Show response
tvid.in/sdk/ 7 KB
3 KB 112ms
21ms Script
application/javascript 2a02:26f0:1700:78f::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/sdk/slikeloader.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/client.8c165f2d.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:78f::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05fb8eca3cac855529e8d64b4323aed56d9e4ae01148ee6ee7a9140941e3e9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
x-amz-request-id: BB7G4KNQ4ARTW486
x-amz-server-side-encryption: AES256
content-length: 2583
x-amz-id-2: Cu5vo9Pwn5DysFP/MJ5FY+pVwefEf/J6t3T63twu2d0WpKojUCGsLPGra5zg/ZMsbzyut9UkWb8=
pragma: no-cache
x-amz-meta-server-side-encryption: AES256
last-modified: Wed, 05 Apr 2023 11:36:43 GMT
server: AmazonS3
etag: "a820d1e12cce598348754dc90beff58a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 jsso_crosswalk_legacy_0.6.8.min.js Show response
jssocdn.indiatimes.com/crosswalk/ 26 KB
6 KB 186ms
32ms Script
application/javascript 2a02:26f0:64:681::3621
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.6.8.min.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:681::3621 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

65f471fef221d996710dc52325f851da7a84abb11e31349b8d9dbac03fb21688

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
x-cool: 88.38
content-length: 5681
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Jun 2021 08:30:00 GMT
server: Bhoot
etag: "69a0-5c4b5a9d24587"
x-frame-options: sameorigin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=11251702
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid
expires: Wed, 16 Aug 2023 09:25:23 GMT

GET
H/1.1 200
OK locate Show response
geoapi.tnn.in/ 134 B
888 B 85ms
21ms XHR
text/html 2a02:26f0:1700:5::5f65:1b52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geoapi.tnn.in/locate
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:5::5f65:1b52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f24aba3c3acdc3cff6194d7831432e690322ecc87eddd54e68088675b4ab129

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Edgescape-API: geo_region=85,country_code=DE,region_code=HE,city=FRANKFURT,latitude=50.12,longitude=8.68, timezone=GMT+1 , continent=EU
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/html
Access-Control-Allow-Origin: https://www.timesnownews.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466923_1551592274_1835677127_16_1040_18_-";dur=1
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept
Content-Length: 134
Expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 getcommentcount Show response
apiprod.timesnownews.com/api/comment/ 58 B
559 B 243ms
152ms XHR
application/json 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apiprod.timesnownews.com/api/comment/getcommentcount?msid=99287585&appKey=TNN

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0c175f94fbe20da20efa4ef57dcb795b8083a1a6127802dc0e67b2625653bd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=4, ak_p; desc="466923_1551592267_491481536_12687_5048_18_0";dur=1
content-length: 58
x-xss-protection: 1; mode=block
x-response-time: 0.961ms
server: Bhoot
etag: W/"3a-2H2E09fIkY9Afjmdp8LtmGUYwUQ"
x-frame-options: sameorigin
access-control-max-age: 86400
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-allow-credentials: false
access-control-allow-headers: *

GET
H2 200 timesnownews.com.1122574.js Show response
jsc.mgid.com/t/i/ 3 KB
1 KB 72ms
29ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeeb8dc0b990ac066d90f3ee37d372a4e4757ac06425797195b3d7af00afc76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: dufhSGyoqEoe5v87hTeem5VRBdU9xCd2
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZWTDN1NM7AF2JEQC
age: 6013
cf-polished: origSize=2664
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: q6vVXotED6tbUhi/JPiwlG0pGaVYz/TXviYJ/9z2lCDzVBKbiZ1RS0j3IAsLjkSpoem8ir0txDI=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:06 GMT
server: cloudflare
etag: W/"e35ea0fae5b88dd7e2eefe884cbc397d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b4795729d9f3641-FRA
expires: Sat, 08 Apr 2023 06:57:01 GMT

GET
H2 200 timesnownews.com.1122598.js Show response
jsc.mgid.com/t/i/ 3 KB
2 KB 71ms
29ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1588d95d6698b243c121f7494595dab7b220e285baf9917a942ded852f307d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: R3qjYSc1kFL9lqfLTWjH1bN1ZM4yQ5Y2
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 414G6N7E3619XN3M
age: 6491
cf-polished: origSize=2664
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6wXwwlzsKWI2e9jZpls61tN7GucNRCwRI/JZMXPhH4J6FS7gdkIT7zcpjQFJfptlu4ZissfIgeM=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:07 GMT
server: cloudflare
etag: W/"be0b9cb54feae14e8589370d52b3b915"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b4795729da13641-FRA
expires: Sat, 08 Apr 2023 06:57:01 GMT

GET
H2 200 times-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
3 KB 26ms
24ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 2624
x-xss-protection: 1; mode=block
x-response-time: 0.794ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"1543-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 mirror-now.svg
www.timesnownews.com/assets/icons/svg/ 12 KB
5 KB 26ms
25ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/mirror-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 4392
x-xss-protection: 1; mode=block
x-response-time: 0.660ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3008-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 times-now-navbharat.svg
www.timesnownews.com/assets/icons/svg/ 15 KB
5 KB 24ms
23ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now-navbharat.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 5084
x-xss-protection: 1; mode=block
x-response-time: 0.834ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3bc6-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 et-now-swadesh.svg
www.timesnownews.com/assets/icons/svg/ 13 KB
6 KB 25ms
24ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now-swadesh.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 5485
x-xss-protection: 1; mode=block
x-response-time: 0.910ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"33cf-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 99303717.jpg
static.tnn.in/thumb/msid-99303717,imgsize-30569,width-300,height-168,resizemode-75/ 4 KB
5 KB 38ms
37ms Image
image/webp 2a02:26f0:480:c::210:f198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/thumb/msid-99303717,imgsize-30569,width-300,height-168,resizemode-75/99303717.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

3580ac6180dbd480e4bd070e260e6e62f1cea557ebb962e85a010828b3be6505

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 30569
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31497909
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="466923_34664536_38829995_174_1251_34_0";dur=1
appgn: 17224409501231680865783566
content-length: 4274
x-xss-protection: 1; mode=block, 1; mode=block
expires: Sat, 06 Apr 2024 17:22:10 GMT

GET
H2 200 et-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
2 KB 25ms
25ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 1752
x-xss-protection: 1; mode=block
x-response-time: 0.624ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"13a7-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 8649 320 KB
104 KB 101ms
101ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0F) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2012664
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Sat, 08 Apr 2023 03:57:01 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 27ms
26ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2038072175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ul=en-us&de=UTF-8&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=726664595&gjid=110722014&cid=1867847681.1680926221&tid=UA-64032556-12&_gid=1083996617.1680926221&_r=1&gtm=457e3430&cd1=99287585&cd2=2023-04-06&cd3=consumption&cd4=india&cd5=&cd6=Article&cd7=&cd8=&cd9=Original&cd10=surabhi.shaurya%40timesgroup.com&cd11=Times%20Now%20Digital&cd12=&jsscut=1&z=301798770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 times-now-navbharat.svg
www.timesnownews.com/assets/icons/svg/ 15 KB
5 KB 24ms
24ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now-navbharat.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 5084
x-xss-protection: 1; mode=block
x-response-time: 0.834ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3bc6-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 et-now-swadesh.svg
www.timesnownews.com/assets/icons/svg/ 13 KB
6 KB 25ms
24ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now-swadesh.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 5485
x-xss-protection: 1; mode=block
x-response-time: 0.910ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"33cf-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 times-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
3 KB 24ms
23ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 2624
x-xss-protection: 1; mode=block
x-response-time: 0.794ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"1543-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 et-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
2 KB 23ms
22ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 1752
x-xss-protection: 1; mode=block
x-response-time: 0.624ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"13a7-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 mirror-now.svg
www.timesnownews.com/assets/icons/svg/ 12 KB
5 KB 24ms
24ms Image
image/svg+xml 2a02:26f0:1700:5::5f65:1b4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/mirror-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:5::5f65:1b4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 4392
x-xss-protection: 1; mode=block
x-response-time: 0.660ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3008-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 88ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64032556-12&cid=1867847681.1680926221&jid=726664595&gjid=110722014&_gid=1083996617.1680926221&_u=YADAAUAAAAAAACAAI~&z=350877554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 timesnownews.com.1122598.es6.js Show response
jsc.mgid.com/t/i/ 240 KB
69 KB 54ms
53ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ffb8aef851fbf4e52ae7523e046182dc7837cefc22f118ff715a4b8f130867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: 93b7VGP.oov2_.ol6gum5IaSDlx73AIk
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 414MB25VMHVZXXN2
age: 6272
cf-polished: origSize=245875
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YV8L//JMTuRdxYCqANzkficeyq10OM/PEsUnISjA8coFKI91afrpLsoHmFojoAAJOaH8BUqW/ms=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:07 GMT
server: cloudflare
etag: W/"25bb40f0cb3a8bfe54aacf6973f55bc8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b479572ddd63641-FRA
expires: Sat, 08 Apr 2023 06:57:01 GMT

GET
H2 200 timesnownews.com.1122574.es6.js Show response
jsc.mgid.com/t/i/ 246 KB
70 KB 33ms
33ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d753d7e4ff89a3ccb19db9079885345c3869bcfcd08118edbaacd605487fab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: xuudXwUvx_u.2hLhpzMHaikVqisW7L2d
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZWT3JY2BQ58R2YB3
age: 6006
cf-polished: origSize=251873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZumRkR9sfmb8bCRcDFcWcSvzaFpneiZ7+dSO4QqE8RNABa0rNIlvLKLt58zQXG4zFOUu30yTdZ4=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:06 GMT
server: cloudflare
etag: W/"95a04fc3766360cb1ec4c8b3504c03ae"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b479572ddd83641-FRA
expires: Sat, 08 Apr 2023 06:57:01 GMT

POST
H2 200 loggedInUser Show response
jsso.indiatimes.com/sso/crossapp/identity/web/ 136 B
4 KB 240ms
163ms XHR
application/json 2a02:26f0:480:c::210:f1a2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Requested by

Host: jssocdn.indiatimes.com
URL: https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.6.8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f1a2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

ddfd865e7f12769fb2bda5bcaa84657980cae7117acc679be6877a2d318909b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
csrfToken
sdkVersion: 0.6.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json
IsJssoCrosswalk: true
Referer: https://www.timesnownews.com/
tksec
channel: tnweb
platform: WEB
ssec
csut
gdpr

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
date: Sat, 08 Apr 2023 03:57:01 GMT
x-cool: 88.20
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=7, ak_p; desc="466923_34664546_1280847309_12215_4326_33_0";dur=1
content-length: 139
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr,Sec-FedCM-CSRF,Sec-Fetch-Site,Sec-Fetch-Mode,Sec-Fetch-Des
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid, captchatoken

OPTIONS
H2 200 loggedInUser
jsso.indiatimes.com/sso/crossapp/identity/web/ Frame 0
0 308ms
193ms Preflight 2a02:26f0:480:c::210:f1a2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f1a2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: channel,content-type,csrftoken,csut,gdpr,isjssocrosswalk,platform,sdkversion,ssec,tksec
Access-Control-Request-Method: POST
Origin: https://www.timesnownews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid, captchatoken
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr,Sec-FedCM-CSRF,Sec-Fetch-Site,Sec-Fetch-Mode,Sec-Fetch-Des
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sat, 08 Apr 2023 03:57:01 GMT
server: Bhoot
server-timing: ak_p; desc="466923_34664546_1280847160_15275_5609_33_0";dur=1
strict-transport-security: max-age=25920000; includeSubdomains
x-cool: 64.15
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 83ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64032556-12&cid=1867847681.1680926221&jid=726664595&_u=YADAAUAAAAAAACAAI~&z=154879543

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64032556-12&cid=1867847681.1680926221&jid=726664595&_u=YADAAUAAAAAAACAAI~&z=154879543

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 2cb2f912-b444-42d7-9d3e-3a2f96063c84
https://www.timesnownews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/2cb2f912-b444-42d7-9d3e-3a2f96063c84
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK a81670ec-1ecd-49c6-807b-36a8931c6cfa
https://www.timesnownews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/a81670ec-1ecd-49c6-807b-36a8931c6cfa
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 26f286d2-95d0-4beb-9d98-81cbbb7d2b94
https://www.timesnownews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/26f286d2-95d0-4beb-9d98-81cbbb7d2b94
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK c0ebd4db-54a5-4d1b-a864-b98c17e548ee
https://www.timesnownews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/c0ebd4db-54a5-4d1b-a864-b98c17e548ee
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8649 663 B
606 B 194ms
134ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f1c01b24da85cbe98fdd29f6e00f2e3c20dab3a6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 111
date: Sat, 08 Apr 2023 03:57:00 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 08 Apr 2023 03:57:01 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e4d74537a4be74c0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: a405dc9d1ba8dee4fb6c274de59f0ba1f314bb56183788f38dc9b2d711a019bc
content-length: 284

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 35ms
35ms Script
text/plain 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1680926221401548930442&uniqId=03d0f&childs=1427656&lct=1680739200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=6430e60d-08d69&pageView=1&pvid=1875f02a45987b52d0a&site=511795&implVersion=11&dpr=1&tfre=656
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b479573de713641-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db...
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us...

2 KB
3 KB

35ms
34ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 756cfeb191de2bf5cfab2ff9bbc379f6a6134241731a9caf52ae379499ec14d8

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1973
Content-Type: text/html
Date: Sat, 08 Apr 2023 03:57:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Sat, 08 Apr 2023 03:57:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
BLOB 206
Partial Content c2839dc1-637c-4768-8b7d-5e1430f8bfb1
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/c2839dc1-637c-4768-8b7d-5e1430f8bfb1
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f7425170-c3f2-481f-a93c-9d4e72ce0c19
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/f7425170-c3f2-481f-a93c-9d4e72ce0c19
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4ZA9P7VPAM79SEE5
age: 3471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b4795741e973641-FRA
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
840 B 29ms
29ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 1008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b4795741e983641-FRA
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1122574/ 1 KB
1 KB 202ms
202ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1122574/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1680926221497742760540&uniqId=03d0f&childs=1427656&lct=1680739200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=600&h=199&maxw_1=600&maxh_1=176&sz=600x176&szp=1&szl=1&cols=1&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=6430e60d-08d69&pageView=1&pvid=1875f02a45987b52d0a&implVersion=11&dpr=1&tfre=752
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a41267c7756b5cf6db1c072691a33690c63eef8ce8725e81626b52032735602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b4795746ec43641-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1122598/ 9 KB
3 KB 225ms
225ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1122598/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=600&h=646&maxw_3=194&maxh_3=192&sz=194x192&szp=1,2,3,4,5,6,7,8,9&szl=1,2,3;4,5,6;7,8,9&cols=3&pv=5&cbuster=1680926221498585458758&ogtitle=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS&uniqId=0ffde&childs=1310961,1379466,1427666&lct=1680739200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=6430e60d-08d69&pageView=0&pvid=1875f02a45987b52d0a&implVersion=11&dpr=1&tfre=754
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80704b0ddb801ebac598b90b140210d78d0127bf097b8ad1a8ee8f3192b9386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b4795747ec83641-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E0A4 70 B
265 B 148ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2

43 B
632 B

39ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwGO5n-nAg3A16FUJtkhc&google_cver=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwGO5n-nAg3A16FUJtkhc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwGO5n-nAg3A16FUJtkhc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E0A4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

252ms
141ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2QCTHET7E8CZMGGVS571
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KBEVKHB5BDKYB9PYWH5C
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588524137690406

43 B
632 B

46ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588524137690406
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588524137690406
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Sat, 08 Apr 2023 03:57:01 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E0A4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZDDmDQABKdt0EABL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZDDmDQABKdt0EABL&_test=ZDDmDQABKdt0EABL

43 B
632 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZDDmDQABKdt0EABL&_test=ZDDmDQABKdt0EABL
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn-etou8220048-HHN
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1680926222.765507,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZDDmDQABKdt0EABL&_test=ZDDmDQABKdt0EABL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 setuid
ow.pubmatic.com/ Frame E0A4 0
286 B 170ms
170ms Image
text/html 104.36.113.67
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ZDDmDZV1vG.6jNd3IA-3iwAA%265292
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.67 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-length: 0
content-type: text/html

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame AF27 3 KB
2 KB 81ms
31ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1167
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7b4795756a11923e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sat, 08 Apr 2023 07:57:01 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DAB1 281 B
554 B 81ms
22ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Apr 2023 03:57:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 4D38 0
91 B 50ms
30ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 08 Apr 2023 03:57:01 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CE8D 16 KB
6 KB 22ms
20ms Document
text/html 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=68122
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sat, 08 Apr 2023 22:52:23 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6375 52 KB
17 KB 103ms
24ms Document
text/html 2.19.228.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.175 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-175.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 08 Apr 2023 03:57:01 GMT
ETag: "623de86a-cf34"
Expires: Sun, 09 Apr 2023 03:57:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
121 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcfe2ca725aae40efb98cf072faec02766d4113cea792734e7ef92113159a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123775
x-xss-protection: 0
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 1xfny336u9.json Show response
tvid.in/api/mediainfo/fn/y3/1xfny336u9/ 811 B
868 B 197ms
135ms XHR
application/json 2a02:26f0:1700:78f::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/api/mediainfo/fn/y3/1xfny336u9/1xfny336u9.json?vj=105&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&mse=1&ajbit=00001&pw=300&ph=169&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sw=1600&sh=1200&cont=masterVideoPlayer1xfny336u9&gdprn=2&skipanalytics=2&sdk=1

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:78f::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

b0f8b4d39d44dbfb7a704e76c24c1fc06c425b8d438267059dd87dfe5164b0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400 ; includeSubDomains
content-length: 459
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680926221751

GET
H2 200 tgbsl486web5ab8uukl9o.hls.spl.js Show response
tvid.in/sdk/ 658 KB
181 KB 21ms
21ms Script
application/javascript 2a02:26f0:1700:78f::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/sdk/tgbsl486web5ab8uukl9o.hls.spl.js

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:78f::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4ab1e75878be136902195ffa060c7627f882debc0e507d3748c83958b5e0293

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
x-amz-request-id: 9XN06TH4WGV0ZYYS
x-amz-server-side-encryption: AES256
content-length: 184714
x-amz-id-2: fR/tfhkGmLDGgq7neuj1GMQGtxkuYFch6X/fRLN5MiCLYpPDy8Tm4EAzIaVvmbYr0Byj4lOgkOI=
pragma: no-cache
last-modified: Wed, 29 Mar 2023 09:50:16 GMT
server: AmazonS3
etag: "70686ad089cbd463d8130bcdbb1e02de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:01 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CE8D 2 KB
3 KB 517ms
169ms Script
text/html 104.36.113.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4415510&p=156537&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.112 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 871748ce617e95467e09486a21c0fe250eaca2076205e37aab4ca6e1a7f3f330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 08 Apr 2023 03:57:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 100ms
30ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 84ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 580 KB
111 KB 432ms
432ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3679870996066378&correlator=2995888793778245&eid=44785728%2C21065725&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fifs&iu_parts=21806551354%2CTN_English%2CDesktop%2CArticleShow%2CTN_English_Desk_AS_Header%2CTN_English_Desk_AS_RHS_TOP_300%2CTN_English_Desk_AS_RHS_MID_1_300%2CTN_English_Desk_AS_RHS_Bottom_300%2CTN_English_Desk_AS_Bottom_Multisize%2CROS%2CTN_English_Desktop_ROS_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F9%2F10&prev_iu_szs=728x90%7C970x90%7C980x90%2C300x250%2C300x250%2C300x250%7C300x600%2C728x90%7C980x90%7C970x90%7C980x200%2C1x1&ifi=1&adks=598348027%2C3949188650%2C63681998%2C4155832848%2C74907901%2C3356420019&didk=4172021985~3940000028~3939999173~609053513~490242270~1332961640&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D527985db29b4f67%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D53d9f412ea40eac%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D54a0440ca2fec52%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D55c0e17f8d1088d%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D5634cb8b714a711%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D57664782d75c97b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=section%3Dindia%26page%3Darticle%26keyword%3DPlottokillPMMOdi%252CThreateningemailtokillcmyogi%252CNoidanews%252Cnoidanewstoday%252CIndiaNews%252CTimesNow%26articleid%3D99287585%26article_sequence%3D0%26platform%3Ddesktop&sc=1&cookie_enabled=1&abxe=1&dt=1680926221663&lmt=1680926221&dlt=1680926220576&idt=269&adxs=436%2C1061%2C1061%2C1061%2C436%2C-9&adys=50%2C527%2C1889%2C3003%2C3923%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&frm=20&vis=1&psz=1160x90%7C298x250%7C298x250%7C298x600%7C1160x200%7C0x-1&msz=1160x90%7C298x250%7C298x250%7C298x600%7C980x200%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1867847681.1680926221&ga_sid=1680926222&ga_hid=2038072175&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed4f12d45ad102a0d1aaf6c11ce73253584361d3beafd7d4691f9ba506646ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113940
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D4E5 6 KB
3 KB 115ms
29ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sun, 07 Apr 2024 03:57:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/ 33 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ead6c80d76fadd0081de134430697e72f079197794936fae25f351a55907b6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 22:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20827
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 196037971963895213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:09:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DAB1 34 KB
10 KB 22ms
21ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 43a787f1b2bb316fc89c7f479769f2a0380799658773fb9411e39fce5c2c785e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 03:57:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Apr 2023 15:18:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40849
Connection: keep-alive
Content-Length: 10016
Expires: Sat, 08 Apr 2023 15:17:50 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame AAC3 2 KB
3 KB 23ms
23ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 34bc7f5ab6e6987815a878b19f49b88fb9a8d45ed01c13395e416da4907055f9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1877
Content-Type: text/html
Date: Sat, 08 Apr 2023 03:57:01 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6375 0
861 B 21ms
20ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
AN-X-Request-Uuid: 648f59f2-38a4-476a-a159-903b35883391
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pixel
tvid.in/log/ 43 B
427 B 134ms
134ms Ping
image/gif 2a02:26f0:1700:78f::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/log/pixel?lts=1680926221628&vj=108&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&ss=&pfs=140

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:78f::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680926221826

GET
H2 200 89109097.jpg
static.tnn.in/thumb/msid-89109097,width-390,height-200,resizemode-75/ 4 KB
4 KB 37ms
37ms Image
image/webp 2a02:26f0:480:c::210:f198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/thumb/msid-89109097,width-390,height-200,resizemode-75/89109097.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

5c6442b9ddd1a32ac3df7be8e7b134105a5a0a74030d934a891bc05ba5a69388

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:01 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 138133
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31353199
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="466923_34664536_38830311_180_1123_33_0";dur=1
appgn: 17224408901231680691348968
content-length: 3820
x-xss-protection: 1; mode=block, 1; mode=block
expires: Fri, 05 Apr 2024 01:10:20 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AAC3 70 B
264 B 47ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame AAC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI6jyG4mHgmZfQWjbzetvz4&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI6jyG4mHgmZfQWjbzetvz4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI6jyG4mHgmZfQWjbzetvz4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AAC3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

138ms
135ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8F5VHEHNAPH9PWRF9BN4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HGB8CSVK5C422Q1BX6K8
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZDDmDZV1vG.6jNd3IA-3iwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2

43 B
632 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKqg2UkaKR8I0w3ifp946qw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AAC3
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0a766dd0-17ee-47da-a0ef-7223189eab60

43 B
632 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0a766dd0-17ee-47da-a0ef-7223189eab60
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0a766dd0-17ee-47da-a0ef-7223189eab60
date: Sat, 08 Apr 2023 03:57:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame AAC3
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=818824508118379394

43 B
632 B

70ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=818824508118379394
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Sat, 08 Apr 2023 03:57:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4ad1c9fb-d9d4-4957-87e7-8f32b4e7bad8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=818824508118379394
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AAC3
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB?us_privacy=

43 B
601 B

85ms
47ms

Image
image/gif

2a05:d018:d29:3602:39b1:7ee6:8530:823e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB?us_privacy=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3602:39b1:7ee6:8530:823e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZDDmDZV1vG-6jNd3IA_3iwAAFKwAAAAB?us_privacy=
date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame AAC3 43 B
353 B 78ms
25ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZDDmDZV1vG.6jNd3IA-3iwAA%265292
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 15613
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b479576aa633a60-FRA
content-length: 43
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
BLOB 206
Partial Content 956b23ae-21b4-4df3-b967-ff40c7e2501f
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/956b23ae-21b4-4df3-b967-ff40c7e2501f
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 6984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b4795766fb49b6e-FRA
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 34ms
34ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 2391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b4795766fb59b6e-FRA
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 492
img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/ 16 KB
17 KB 82ms
39ms Image
image/jpeg 2606:4700:3038::6815:eb89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/492
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Mar 2023 11:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641301f5-c10d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnBIl3GVjsZuS4x7z41%2BkpiNu1mcqQ8gAJdH0oSRwS%2F6hGN4X403%2B6R%2FH%2BHdO3inKKfuGRcI1rBai6gyN6ZwcUj84%2Fq%2FOSxgVlQgAVFYfKnc30LnHs%2F4eeUVA%2Fgfx7ptBcurtk6s9cEVCJ1u9UYdwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7b479576bfe39028-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16851
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 492
img.rtbsystem.org/5/40/76/a3841e0e-69ec-47e3-9a2c-eacf8de1aff4.png/16x9/ 219 KB
220 KB 84ms
44ms Image
image/png 2606:4700:3038::6815:eb89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/5/40/76/a3841e0e-69ec-47e3-9a2c-eacf8de1aff4.png/16x9/492
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54611c9417a165beb99460295779b8ef329db509edb0757262472485bfeb8179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 05 Jan 2023 17:53:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63b70eac-1674e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYaylYDpkT%2FeLdxCmmwv2C5hd5ZkthXoa%2BwwQHQ3T2I2RTKbxDDsG2l2FnvR1LcTLYmhLoyD7nWYnodaJX%2BWqoie%2BatFi%2BMkA3DUEuTJlWAqFv0A1v5MBdOdFSbqIVur7FlcXb%2BdnmqjmUnn69f07g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7b479576bfe49028-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224757
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 492
img.rtbsystem.org/63/313/480/2afc946a-c2a9-43d5-a76f-8040b84b0d77.jpg/16x9/ 22 KB
22 KB 81ms
41ms Image
image/jpeg 2606:4700:3038::6815:eb89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/63/313/480/2afc946a-c2a9-43d5-a76f-8040b84b0d77.jpg/16x9/492
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0685061a5b56cb23042f48001712ebd45e188a95181ebfbbea7bc9a30b65c1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Apr 2023 10:24:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642fef68-8bb1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuKV0sFk4LaQYJ4qC2g1zG7lYGR9cBZjcSE5i6fYB0tluHk9mnYLPEXAKZmW4572w6shZFHVzuQdTPmYHR6hcRNfud5dHM5GXzSp7T0pqtxBSLikwbRcmAknpHlhnR8gFriYx7IhFYtIxT2XwAUFbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7b479576bfe59028-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22360
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNzMyNjIvMjk3Y...
s-img.mgid.com/g/15771943/492x277/-/ 31 KB
31 KB 76ms
32ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15771943/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNzMyNjIvMjk3Yjg5NWU1MTA4YjlkZWQ0NzlkYjU5Zjc3NGMwYjIuanBn.webp?v=1680926221-pxsz6UqFXy6eVLbakDd7_q7KTMrk7leoGIZpVEjtUXw
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d94c080fb79b680bfe06e973326cd7310c01a177a44d439b47cd6e4c20bd53

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 01:04:57 GMT
x-mg-request-uuid: 7c3ce84e-b0e2-43b4-a8af-e2c433e7a80d
server: cloudflare
age: 779330
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd993821-FRA
content-length: 31258
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvOTgwMjIvNmU0ODU3ZWVhODc2YjI3MGJjNWFmMzgzNjRjOWY0YjEuanBn.webp
s-img.mgid.com/g/14609607/492x277/0x0x549x309/ 19 KB
19 KB 73ms
28ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609607/492x277/0x0x549x309/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvOTgwMjIvNmU0ODU3ZWVhODc2YjI3MGJjNWFmMzgzNjRjOWY0YjEuanBn.webp?v=1680926221-i6jggJ46hZu5v4HVbQykuplyDVrrF5j9AEJHpVgENE0
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f61c25677630be410af378334faf8cd0f2b903f5635da348cf7a78d9c4caceba

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 13:58:27 GMT
x-mg-request-uuid: 44e341cf-0384-4729-8beb-5dfb6e832b00
server: cloudflare
age: 1971010
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd9b3821-FRA
content-length: 19294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy85ODAyMi8yZTFkMTEzMGZkZmNhY2YyZ...
s-img.mgid.com/g/14609377/492x277/-/ 5 KB
5 KB 96ms
51ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609377/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy85ODAyMi8yZTFkMTEzMGZkZmNhY2YyZTkzMzliZTQ3MTRmNWZmNS5qcGc.webp?v=1680926221-NnvFVkf8nYqCMECsUWnv0buKO5ikLVytefrv8cKffXk
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90e7bd1d0187490f546431f0caa98a9109fe1c1024efd417acd98e38ee1dd73

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 17:28:08 GMT
x-mg-request-uuid: 9a17c9de-e7c9-4a86-9886-4b2fabeef2e2
server: cloudflare
age: 121766
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd9c3821-FRA
content-length: 5250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvOTgwMjIvMDdjOTE5YjkwYWU3NGExMDU1OWQ4ZjQwM2RlMTE4NDguanBn.webp
s-img.mgid.com/g/14609422/492x277/0x0x492x277/ 15 KB
15 KB 95ms
51ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609422/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvOTgwMjIvMDdjOTE5YjkwYWU3NGExMDU1OWQ4ZjQwM2RlMTE4NDguanBn.webp?v=1680926221-GMFi3vbTifq5nfHWYjXLx9FL2gw-pcH4qs3rfdYRuxA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d70a4a2a7922c9d02554ddf6fb2a4b4da58f003918251c6cbbadf9f6040878

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:22:02 GMT
x-mg-request-uuid: 691ea00e-0c8d-4354-9acb-b01b100a1265
server: cloudflare
age: 1970537
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd9e3821-FRA
content-length: 14944
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvOTgwMjIvZmNhOGY4ODNlZjQ3YWJjNWZiYTEzZDA5MDFlNjRhYWQuanBn.webp
s-img.mgid.com/g/14592831/492x277/0x0x648x364/ 13 KB
14 KB 92ms
49ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14592831/492x277/0x0x648x364/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvOTgwMjIvZmNhOGY4ODNlZjQ3YWJjNWZiYTEzZDA5MDFlNjRhYWQuanBn.webp?v=1680926221-aoZk4yekPekoiwcPeg6bJ-hfAPp4Dq6gKVrzUeBGqLU
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f3b1e8d2a63f8f0f5b74957b4c7b4545fc83be73ad87e185664697ead33ab7

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 13:58:22 GMT
x-mg-request-uuid: 873446fb-ca40-45c1-b5ba-cbf2cba4c196
server: cloudflare
age: 83523
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd9d3821-FRA
content-length: 13530
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvODY0NmZkMTM3ZWRmY2U1MDgwM2Y1MDQyNTk2MmRmMTkuanBn.webp
s-img.mgid.com/g/14609400/492x277/0x54x650x365/ 26 KB
26 KB 95ms
52ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609400/492x277/0x54x650x365/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvODY0NmZkMTM3ZWRmY2U1MDgwM2Y1MDQyNTk2MmRmMTkuanBn.webp?v=1680926221-dFbvEBxo6j_2Xg49tJ8EE_QkgNsKTHJynUJddHepxFA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c81fb12693302c027fb6f81b8afe5c36f9a187ea9c11d98d3a47e40024f3705

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Dec 2022 15:48:33 GMT
x-mg-request-uuid: 65b40321-5043-4261-8cfd-54fc270188d9
server: cloudflare
age: 1971502
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7b479576cd9f3821-FRA
content-length: 26218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 1 KB
943 B 37ms
36ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5FEWVNTYH4XY0BX8
age: 5522
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k+adrVf6bTi5y7VcvktaWl+n9ltNdRx9sZBU8f4ad0wBtKi7Xf3T8iY0buFEhPUzuRmwL7VROLM=
last-modified: Mon, 04 May 2020 12:16:53 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b4795768fd79b6e-FRA
expires: Sun, 09 Apr 2023 03:57:01 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 105ms
48ms Script
application/javascript 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47fec72b3ef9b5329633a37d162b6614f447f05727151c03f572b1efdb915625

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0jQIdhiYbe7ZUbT6EmxHrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-0jQIdhiYbe7ZUbT6EmxHrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 08 Apr 2023 03:57:01 GMT

POST
H2 200 pixel
tvid.in/log/ 43 B
427 B 165ms
165ms Ping
image/gif 2a02:26f0:1700:78f::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/log/pixel?lts=1680926221628&vj=497&pfM=1680926221883&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&mstime=1680926221883&ss=1xfny336u9.1680926221751.77.5850&pfc=2&livet=1&pw=300&ph=169&viewport=100

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/tgbsl486web5ab8uukl9o.hls.spl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:78f::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680926221972

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2038072175&t=event&_s=2&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ul=en-us&de=UTF-8&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Live%20TV&ea=Player%20Error&el=Times%20Now%7C1xfny336u9&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1867847681.1680926221&tid=UA-64032556-12&_gid=1083996617.1680926221&gtm=457e3430&cd1=99287585&cd2=2023-04-06&cd3=consumption&cd4=india&cd5=&cd6=Article&cd7=&cd8=&cd9=Original&cd10=surabhi.shaurya%40timesgroup.com&cd11=Times%20Now%20Digital&cd12=&jsscut=1&z=56917813

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35509
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 563 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d756007634d0d47c5d681421e9df6e138995fe0f247c5c17f87277fb66a1092

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame DAB1 70 B
264 B 50ms
45ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAB1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEc3RzJMMDMtMUQtMzBGRQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGgrVwEeFDhBhUBoIXgaCI0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc3RzJMMDMtMUQtMzBGRQ==&google_push=

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc3RzJMMDMtMUQtMzBGRQ==&google_push=

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc3RzJMMDMtMUQtMzBGRQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DAB1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/CNcBJFtERXxOs4OKzN-yJcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VJnSDT1E2oJiyNquTCy8LH8x7tumTCELHSJ96g--~A

0
239 B

25ms
25ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VJnSDT1E2oJiyNquTCy8LH8x7tumTCELHSJ96g--~A
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VJnSDT1E2oJiyNquTCy8LH8x7tumTCELHSJ96g--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DAB1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG7G2L03-1D-30FE

0
865 B

193ms
125ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG7G2L03-1D-30FE
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:01 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1BA0DF7C565148DEBC6C7CBB43C6A145 Ref B: DUS30EDGE0416 Ref C: 2023-04-08T03:57:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4yyJdAhQtfGAchNx54A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG7G2L03-1D-30FE
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DAB1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0MkRPu1VStulEeFaZW8v0g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0MkRPu1VStulEeFaZW8v0g

43 B
479 B

116ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0MkRPu1VStulEeFaZW8v0g

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R9F0JJ1Z78R7SF3FG50K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0MkRPu1VStulEeFaZW8v0g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAB1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiNmRlZWU0NGUxMTI2YjgwYjgzODkyMjM1Yzc1YjUyODFjM2NhYw

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiNmRlZWU0NGUxMTI2YjgwYjgzODkyMjM1Yzc1YjUyODFjM2NhYw

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjJiNmRlZWU0NGUxMTI2YjgwYjgzODkyMjM1Yzc1YjUyODFjM2NhYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DAB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE_zhPu75QVJ4GXq3FR6mjg&google_cver=1

0
239 B

88ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE_zhPu75QVJ4GXq3FR6mjg&google_cver=1
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE_zhPu75QVJ4GXq3FR6mjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DAB1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fSrCwZ6XS_u-1yuRFcnxyg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fSrCwZ6XS_u-1yuRFcnxyg

43 B
479 B

124ms
123ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fSrCwZ6XS_u-1yuRFcnxyg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KWPCET9YKTFBRK8GHBKQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fSrCwZ6XS_u-1yuRFcnxyg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r1JoqFAp3ZuIHzoazOcZIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-r1JoqFAp3ZuIHzoazOcZIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 403 status Show response
accounts.google.com/gsi/ 37 B
532 B 80ms
80ms XHR
application/json 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=516427900873-frpulpnsvv3886s9vlsc2pvq2nhj0uvg.apps.googleusercontent.com&as=GfWIizdHv31IROxdfWHttQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59c12412e5b955388e564f50c25cbb29545851e1bd36445081733542233b2214

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AXBBx-2pKEmc7FvbGXCPLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-AXBBx-2pKEmc7FvbGXCPLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3D6 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sun, 07 Apr 2024 03:57:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012303151621000/ Frame 8BC6 221 KB
60 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32a398551559147de00a9581403ae7e14230f11397e39e34887d0cbc5ed9c51d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61738
x-xss-protection: 0
server: sffe
etag: "0caefa4c1415de54"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 8BC6 15 KB
5 KB 116ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4f1ff793b9ae11982096cb0c049cd0a0cee90b9cddfe72c35b33b370f743865

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "64ac5ddec28ac2aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 8BC6 94 KB
28 KB 132ms
75ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

397850bc917afaa87d5ffce333fd3db75d324bb3a76249ab53cfd9e60197742b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28944
x-xss-protection: 0
server: sffe
etag: "46c36ca14bcffdc8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 8BC6 5 KB
2 KB 117ms
60ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cd04f60065b6e31e98e97a89b616b2f46ac40ea2533bba749515688b4b8047

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1905
x-xss-protection: 0
server: sffe
etag: "e0aae84f332fc66d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 8BC6 40 KB
14 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1085ca7b96d9f287bf35a440569948a42787e6a6b94144936149dee077b22277

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "cbb0c0b6f4ec6009"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
DATA 200
OK truncated
/ Frame 8BC6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d570c010d78ce92e3dd1bb5f971ef4369f4542083a43e2b1ec697f89db9bdfc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2732 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sun, 07 Apr 2024 03:57:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D308 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sun, 07 Apr 2024 03:57:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012303151621000/ Frame 2EA6 221 KB
60 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32a398551559147de00a9581403ae7e14230f11397e39e34887d0cbc5ed9c51d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61738
x-xss-protection: 0
server: sffe
etag: "0caefa4c1415de54"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 2EA6 15 KB
5 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4f1ff793b9ae11982096cb0c049cd0a0cee90b9cddfe72c35b33b370f743865

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "64ac5ddec28ac2aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 2EA6 94 KB
28 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

397850bc917afaa87d5ffce333fd3db75d324bb3a76249ab53cfd9e60197742b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28944
x-xss-protection: 0
server: sffe
etag: "46c36ca14bcffdc8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 2EA6 5 KB
2 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cd04f60065b6e31e98e97a89b616b2f46ac40ea2533bba749515688b4b8047

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1905
x-xss-protection: 0
server: sffe
etag: "e0aae84f332fc66d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151621000/v0/ Frame 2EA6 40 KB
13 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1085ca7b96d9f287bf35a440569948a42787e6a6b94144936149dee077b22277

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 17:07:49 GMT
age: 384553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "cbb0c0b6f4ec6009"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 17:07:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2EA6 4 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:39:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 container.html Show response
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C455 6 KB
3 KB 21ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:01 GMT
expires: Sun, 07 Apr 2024 03:57:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6351532511977576109
tpc.googlesyndication.com/simgad/ Frame 8BC6 51 KB
51 KB 89ms
35ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6351532511977576109?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qloTJYd3kFzAFHNO8uaqFrFA8BYxQ

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

945ce4bfd4a41947475ac6658ccdb643abf94d3a76a1ac568b60ac66d96046f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:14:55 GMT
x-content-type-options: nosniff
age: 200527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52505
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 09:47:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Apr 2024 20:14:55 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BC6 2 KB
3 KB 73ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 35510
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Apr 2023 18:05:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BC6 295 B
399 B 74ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 71939
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 08 Apr 2023 07:58:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8BC6 0
0 32ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTaQsvJ1G35o7CUKzQwJ9Gdu0re4poGu5PZ4nGLCKe9qWBbqEhkgxPUydaKm_T-CW_09UO
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8BC6 0
0 68ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLhvgDeYwZJGoLdiS7_UPtcacmAv-m772b6D-07rREdzZHhABII-wpHNglYKHgpgHoAHx2MnGA8gBAqkCVwINOLdLsj7gAgCoAwHIAwiqBJoDT9CCLkWHW0MH_ybVqAO3DwK3DKyvT17eOKC2dV-M2IiCiRuz6buXhIuIkGmzkhYZWkn0hjekXAEiy43NLEyVP3eTGO6fudgUcbCYNBOy-3YlwfVyjrRjBEfklljTkWHvXo5MZg33MmQFlk_Q_sfHELx3i3Wjw_sMvDRhrPbMUvQN2i6RvEnGU9b5I_GhO0L61d59-mcm6XKOBjIKLFDg7irXeJCZx7eHzoox7eMI8MXpTJAr1yYuEcB1eAq5dgCAyUrAgMq55j9R9Ht1zh2gllkRMDa7mV4HQfId4ZVv7m5bj6YgPGZlD1jCxJHU-5TlOeL5kBmqaWiDR7BhscD0t1n0nhWqHgTNgeGgUmdaI0MlzXF3tZ1XVhbzNYZFMbyi6ZtU2iGArivrPnyAwieHy4eT49hXvg0u-cYDjwpv7lOTQ11kXxTMAHy-Z6bL8AQW5i7Iyh_JOpf6ZsFIXK2Hoby7ov3ZweHDuCBTsAJOd4dHxLU_KDmU4CFODhL0BZGrtHxFQfEdV7b1sMeIlJymFcH8JiirxYq5VWnABJ2d89qgBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe6oPhsqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqP4O0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMTAwMDc2OTg5ODE2OTA5MRiXzHA&sigh=iMSxyyC5y1w&uach_m=[UACH]&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2EA6 2 KB
3 KB 74ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 35510
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Apr 2023 18:05:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2EA6 295 B
353 B 74ms
22ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 71939
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 08 Apr 2023 07:58:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2EA6 0
0 32ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWBbXXOMnRHiRboO0XtTjlxAPTPMydF6-iMVa1YmX_6IBdc9AnwpsTrtbOmowonDNxi9DB
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2EA6 0
0 68ms
66ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuT3yDeYwZJSoLdiS7_UPtcacmAuhuc73b6SfkqH6ELCQHxABII-wpHNglYKHgpgHoAGOtOz-A8gBCakCI95S6LTVtD7gAgCoAwHIAwqqBJgDT9AMtD6XQd1jGEBVq3-ew0YRmv-1BX5_3wTUel3gLnq1ZDoehvG-YhXSGCzCUrj65i6MjExrD-o5V5PRhtGco1FILkL_LvaLoFpJfV6eNBYZmtwgzy8a14AfnLXBvjGxuKhuabhuZTBqjif97ZlsMa6TIAmIK2CTNodxaNBfZ1aYBRq3u5-EUv8CMWBXMNLSOQ7ekF7Q36QNeJDlFlEzic2_9Q2gXxdSS71Sd0_LHmbQf_PbImtloYaqXvUTIWdVdiAp691JPXGfPZr0Cd5_3x0IAqIc-Gyd-uXJSo38fLGtGhA16Wd8laQNHLMekknlPeelK67G_UCt1lUD-b1MouFIynQ7QUB2OGgJJE2Ma6LO3PA8Z6MXF57mWtfR2Cvh5laQB-4bKssXWPyI9aJ_YjEwEF1XwTyduFN92ua5PKEeGf423f65MsLnCtsyKDhneYHFTugGtqUtMHLsL3DQ8EfvdfZLzR3-ST5qnw-qkvwtesANNxC7on7vvB64rioBKQ91zjEE2zHGb5EQwO1YruT4snJgg81wwASBjM3wqgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH2suTAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKTsAtIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsBuBPkA9gTAtAVAYAXAbIXHgocCAASFHB1Yi0xMDAwNzY5ODk4MTY5MDkxGJfMcA&sigh=ALXOldWdz7M&uach_m=[UACH]&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&template_id=484
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4565349332739136614/ Frame 2EA6 27 KB
27 KB 95ms
50ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4565349332739136614/14763004658117789537?w=400&h=209

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00ba8e67fe032daa140484ad62f7204d61c0356a2fa3f6136b425a4cf9e1aeab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 04:05:38 GMT
x-content-type-options: nosniff
age: 85884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28019
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 10:22:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 04:05:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3230300524763092706/ Frame 2EA6 11 KB
11 KB 64ms
22ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3230300524763092706/14763004658117789537?w=200&h=200

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb78d5f80df70d6980f7a6b09ba6493493baa5350c3ef31440bab58ea87279db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 00:49:56 GMT
x-content-type-options: nosniff
age: 97626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11225
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 22:40:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 00:49:56 GMT

GET
DATA 200
OK truncated
/ Frame 2EA6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061a22aec83389ec9674e466370f4fb48e37fbb0f50802501eabe914b7046ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame E95C 85 B
259 B 118ms
117ms Document
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Sat, 08 Apr 2023 03:57:02 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn-etou8220048-HHN
x-timer: S1680926222.279535,VS0,VE93

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame B013 43 B
855 B 112ms
111ms Document
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 08 Apr 2023 03:57:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FD7FJCA7H5VSG4D24E6M

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3ED4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUWgwN0lZY3dBQUNGSHRkRWRhZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFQh07IYcwAACFHtdEdag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFQh07IYcwAACFHtdEdag&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFQh07IYcwAACFHtdEdag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7502919708882472317&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQh07IYcwAACFHtdEdag&gdpr=0&gdpr_consent=

42 B
278 B

25ms
25ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQh07IYcwAACFHtdEdag&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 08 Apr 2023 03:57:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 03:57:03 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQh07IYcwAACFHtdEdag&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yh9C152jRtiM4Gh3SuWqhA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

37ms
21ms

Image
text/html

2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=68121
accept-ranges: bytes
content-length: 5554
expires: Sat, 08 Apr 2023 22:52:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame CE8D 49 B
265 B 154ms
45ms Image
image/gif 54.154.21.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.21.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-21-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.89
content-length: 49
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame CE8D
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

26ms
26ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 403 insync
thrtle.com/ Frame CE8D 0
0 348ms
111ms Image
text/html 35.171.222.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.222.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-222-142.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0ExRjQyRDctOURBMy00NkQ4LThDRTAtNjg3NzRBRTVBQTg0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

96ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 08 Apr 2023 03:57:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELceS_-HxWGA5LvPKEORJ0Q&google_cver=1

42 B
529 B

96ms
25ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELceS_-HxWGA5LvPKEORJ0Q&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 08 Apr 2023 03:57:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELceS_-HxWGA5LvPKEORJ0Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CE8D 43 B
610 B 109ms
27ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 07 Apr 2023 03:57:02 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE8D
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2344634454930398067&gdpr=0&gdpr_consent=&us_privacy=

1 B
406 B

537ms
170ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2344634454930398067&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2344634454930398067&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CE8D 70 B
264 B 50ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CE8D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oEF7ZqlE2uVQJpz8Ujc65UteNZTdSYo-~A&gdpr=0

0
261 B

548ms
168ms

Image
text/plain

104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oEF7ZqlE2uVQJpz8Ujc65UteNZTdSYo-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oEF7ZqlE2uVQJpz8Ujc65UteNZTdSYo-~A&gdpr=0
date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CE8D 43 B
601 B 52ms
48ms Image
image/gif 2a05:d018:d29:3602:39b1:7ee6:8530:823e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:39b1:7ee6:8530:823e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame C3D6 2 KB
604 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:40:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3D6 2 KB
912 B 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C3D6 0
0 71ms
71ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDN2kDeYwZJCoLdiS7_UPtcacmAvw-Lewb6GUp4SfEZT_46zONRABII-wpHNglYKHgpgHoAHFobG_AsgBCakCVwINOLdLsj7gAgCoAwHIA8sEqgSXA0_QK1pBsHhoBJLkMq0UH87KRkieNMaaDaPNAKAp6LvE4b2NVwc7P-fVDPqR-2COW_ZRnmKKuVEdJJuXcaniJCxjOdVsXBa2XVvitvPEAt7-MvfytYApDEc2L2Hw2SenTTkGhmWQf3bQ0wk8xLoOocMnwlp3ylwj2Nav9Laf5sreA0nSJU_FZjCj13swmOzwpryrYjY0MExFMJtAfrrcvf5FA8cH-N2lC8Dus2qZbiNNwRANgi7ek9r35XmsV0IhMB5sCyv850W-Nr-u6ZQsa_56ZXz4qe7yLOdbddexrkcwjIA2up96zDTpWK948Mu-veEhWUVqPNYgrhiJP3u46Du24dPZcRC778dbwgct1I7z7jRYc5zN-w79WOXq3DGis9Qq46Zyk1pufdMLkKcOaXfSa89BJbUhKV1tnWWT7edxtiDZZ9IjRX4GLGBqSFitdHbgXE4xsDqw45wnqU5zPkO8GdvzgAEnvlwU11JH-NIdpC8nzmmQDM_wD6AywWVT2XO1CWypITkOJd6qZ9pWbYW1vSz4s9RVwATA76LRkwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHo97OwAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ-scI0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTAwMDc2OTg5ODE2OTA5MRiXzHA&sigh=lRXTB_xgAps&uach_m=[UACH]&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&template_id=494
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame C3D6 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3D6 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C3D6 20 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C3D6 0
0 29ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHHGPkQF_-ephAAlZ2p8iC065-dK8xZKhGTR-W9dNo16Qt0I1veXYL0oKBPsfg2hAL5Tc7
Requested by: Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3D6 159 KB
49 KB 107ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame C3D6 34 KB
15 KB 90ms
20ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:01:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2732 2 KB
604 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:35:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2732 2 KB
799 B 45ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2732 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPDn2DeYwZJKoLdiS7_UPtcacmAvw-Lewb6GUp4SfEZT_46zONRABII-wpHNglYKHgpgHoAHFobG_AsgBCakCVwINOLdLsj7gAgCoAwHIA8sEqgSeA0_QZpGFNikDptgt5AEkFcgzqVfgdz86BGcv88-ZSVro02ZU751X-OCSKrhMjq5XvbdmTQGV3ED-SaCCjosHDkb26Abvv1b1Pd25wVxHxPa5BHIf3AsJrykUbIbvX1NvJyDoGlPdDrK75L9NknVtFdNwaIOLe8C0SXGHcETEP54imnPWT9tRAydK6rStt63uCrw63fGqgf_OolsLFY4xYGTx1xCDxqHzcJorqd7Pzohj8WSK7xlqLEh5TfKNKMit6ehaOGOlCRQ6lqbutHNmaJMVyyZ0WVyfMngiMkYp401n7paDz0PSxhB1eR0f_xOgOhLr7e6dBtXwFvHTY_Gj93noVY-OGU-UKb6arL1Rp4bRMeNUIjq53nzAgUeu-SPAJqkpxMsvMkT22RwD6i5rDQHc6L4aDOSb0qrTt_hFI03bq2pcFOh6MZhRhk8gZIdTDS8TjA_tfQN4W5Ep-xPJYDmaszhxtUu6JwfqsQ8JeQVlA-aP-O7e1wKgyDCH1WDSqHz2wbBZ3qi09xDc-PKGkbx1B229L4V9mDNR1zLcEMAEwO-i0ZME4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6PezsABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEN2kC9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTEwMDA3Njk4OTgxNjkwOTEYl8xw&sigh=jSx-R3IJyDw&uach_m=[UACH]&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&template_id=494
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 2732 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2732 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2732 20 KB
8 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2732 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyT5LE0Fj_Oavk97ZFyPQQ_EsBqREQc6MVif16dF7dpWbmZe9CGYBh2YJ-K83ytkenHhqt
Requested by: Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2732 159 KB
49 KB 130ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 2732 34 KB
14 KB 90ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:01:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D308 2 KB
604 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:36:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame D308 2 KB
799 B 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D308 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvCqKDeYwZJOoLdiS7_UPtcacmAv6_8C-b7jn1N3qDdzZHhABII-wpHNglYKHgpgHoAHQ2oC0AsgBCakCVwINOLdLsj7gAgCoAwHIA8sEqgSrA0_Q8kaGSJk1B__7Zq2gjgfkalSHS_3P8225ARDTNBo_fw44B2Rjq50AulWwrQ0Biqtxuk4sK1E_8yKMoA8oXdkWZYhTJ_Lq8_e-siThH4uT1MS-wSoWreJFM3-Xfpg80XtxjzdNgw5yW9wPzl-k6epAqOhiy0P-5tFQdGq3YrsALM-uNFCQQVR17J-v3GYmZRCItD5jtgSWfbs6flRSIW1eaLsi8H3JHM-6stqhIvJzOk9lec2Yfcxa5h8HvEWEUPLSecFD5EMnZ-F_KbRe4L2q1HuVZsA1Dc0n8NI6hV13Vv_ez6iK2E8u_24PzW_RRJatdWI5VI3naEZ8XDsvAWt2mEZoQLjFl9yFcXmQru8yPq8QEiW3VtLHV84S1CynAO9i7gA4uPhfBDCFDftVrgCx1sKNxHG39oNXHhUD0p5Z6EHhGsbvuS5oH5umM5enfjBrMqcGH3I8WgFET1KlIqYlM-UWYLGI6-btzRLCjOMZJ8rtOtwAFG0Jn5JXZPbrPDxv68KwCUx6O4dFJC_LLSbNT6OcH0T1PDazbSQmK16f19FxtS7JBBiEbZHABIvd7J_RA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeYpf_LAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC5xwnSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTAogUA9AVAYAXAbIXHgocCAASFHB1Yi0xMDAwNzY5ODk4MTY5MDkxGJfMcA&sigh=TrGJ5ggsJpQ&uach_m=[UACH]&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&template_id=494
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame D308 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame D308 3 KB
1 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame D308 20 KB
8 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D308 0
0 52ms
51ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnEsEInWBwadLIYbwEXjqF8FIjAvLqYJmc0PmwMVRgvcuFbpH2ITZ7Dd4BUAkctVyFYaGv
Requested by: Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D308 159 KB
49 KB 139ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame D308 34 KB
14 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:01:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C455 4 KB
705 B 41ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:41:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9883 8 KB
966 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 02:35:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 9883 2 KB
799 B 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 9883 22 KB
9 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 9883 3 KB
1 KB 40ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 9883 20 KB
8 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9883 0
0 41ms
39ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSven_p24EenK3V3SrmMqIwagvKp41-uiufLH0yyhXsQ1jDrQpYSKCpeAkD7L2vvxSjX-Qv
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9883 159 KB
49 KB 119ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 03:57:02 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 9883 34 KB
14 KB 90ms
46ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:01:56 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame C455 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 22:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 22:11:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C455 205 B
519 B 85ms
45ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 22:59:53 GMT
x-content-type-options: nosniff
age: 17829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Apr 2024 22:59:53 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C455 604 B
695 B 90ms
50ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 22:37:44 GMT
x-content-type-options: nosniff
age: 19158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Apr 2024 22:37:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C3D6 25 KB
25 KB 113ms
27ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRunZX94mUIAKVQC6IQsC4QrINFpEYZaR7BxUITx8bow2ZX0yeEJWr2iOLdrA&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abb10d49c1f03e714d921c0050900b4585c84f492b6946eef8afec8173d8b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:43:52 GMT
x-content-type-options: nosniff
age: 72790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25873
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 15:41:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 07:43:52 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C3D6 22 KB
23 KB 110ms
21ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRWzcPUzI2rqBjSXXpwbaY3BXdzwf892QvIqp8q-c6j8veYPKuugnHmXoP8eg&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c291d3b9a1e01ff91f0d4e19da2004530e0e7f191e93655cb6cf805f50bd4dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:41:16 GMT
x-content-type-options: nosniff
age: 231346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22756
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 14:10:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 04 Apr 2024 11:41:16 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C3D6 19 KB
20 KB 107ms
21ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTo4EyCLvtTOSBzQ7UTPyOPCNOq3W8jiYzpKwctNYnaE6AvVhohZ5uGVotR3wk&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a49b1979c38d9739ecd887cbb3e321203ee6cee7a834251a1a3e46874b4df66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:23:13 GMT
x-content-type-options: nosniff
age: 297229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19898
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 01:00:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Apr 2024 17:23:13 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C3D6 23 KB
23 KB 124ms
39ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSQsGFSUqV1aAGE9Lf38zF44I5VJvGs-dgKbCm95HTuxb0QmlTFB5nkiC2hXeI&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0da04921f18c4798b1f30208f918f4e8dac74dddc5aa652e9a614a938a1b8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 04:03:31 GMT
x-content-type-options: nosniff
age: 86011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23544
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:11:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 04:03:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C3D6 27 KB
27 KB 133ms
48ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSeozpm-hTbBpI8ddJsapYbJXfXMl5dJ7zve3Y7HiONUBUTpbJLFxBcyjWZIA&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ad118d5a45f0c93ec68be77f9b897d87f304c79aeb840bbe141a4952a22ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 13:37:56 GMT
x-content-type-options: nosniff
age: 397146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27222
x-xss-protection: 0
last-modified: Thu, 12 May 2022 06:12:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 02 Apr 2024 13:37:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C3D6 30 KB
30 KB 136ms
47ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQBFXq3pC4L9VLoaEG0I_MXajkL-vmjasp-DOksJV-IvnYZrANSg31TEowWXg&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a4b16e67f4165970762075d032af6ef1b8eae1434ad8a8f704c669a03ea1d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 02:23:04 GMT
x-content-type-options: nosniff
age: 5638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30908
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 10:29:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 02:23:04 GMT

GET
H3

200

9476004575568886091
tpc.googlesyndication.com/simgad/ Frame C3D6
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCIgOD4wAEQ9AQY9AQyCI-zxDEN_2uG
https://tpc.googlesyndication.com/simgad/9476004575568886091

36 KB
36 KB

26ms
26ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9476004575568886091

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644c15ebbf068765858a664c8d275ea376c3d5418612dfc246e77fd03ee017a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:48 GMT
x-content-type-options: nosniff
age: 35474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36900
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 11:26:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:05:48 GMT

Redirect headers

date: Fri, 07 Apr 2023 05:22:21 GMT
x-content-type-options: nosniff
server: cafe
age: 81281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9476004575568886091
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 May 2023 05:22:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2732 22 KB
22 KB 125ms
38ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRWzcPUzI2rqBjSXXpwbaY3BXdzwf892QvIqp8q-c6j8veYPKuugnHmXoP8eg&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c291d3b9a1e01ff91f0d4e19da2004530e0e7f191e93655cb6cf805f50bd4dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 11:41:16 GMT
x-content-type-options: nosniff
age: 231346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22756
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 14:10:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 04 Apr 2024 11:41:16 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2732 25 KB
25 KB 131ms
47ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRunZX94mUIAKVQC6IQsC4QrINFpEYZaR7BxUITx8bow2ZX0yeEJWr2iOLdrA&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abb10d49c1f03e714d921c0050900b4585c84f492b6946eef8afec8173d8b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:43:52 GMT
x-content-type-options: nosniff
age: 72790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25873
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 15:41:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 07:43:52 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2732 22 KB
23 KB 104ms
22ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT1kAvZu1HHK5LhDdZ0SisKi1TaJLUq_6KSAxpfIMGiFPy99ClLO106R-bf1A&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73739839445b15229b65abe8f8ed4807707744fb255e36dcfefd7a25cdb63e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:21:40 GMT
x-content-type-options: nosniff
age: 419722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23027
x-xss-protection: 0
last-modified: Sun, 07 Aug 2022 08:23:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 02 Apr 2024 07:21:40 GMT

GET
H3

200

5124784873045547656
tpc.googlesyndication.com/simgad/ Frame 2732
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAmoD17AEQlgEYlgEyCPPmLLBZeJQa
https://tpc.googlesyndication.com/simgad/5124784873045547656

3 KB
3 KB

35ms
35ms

Image
image/jpeg

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5124784873045547656

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

640ad7901260e50fbe6d191ce8a1a60157ac03af086c7019c4e1c66f5edce304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:06:07 GMT
x-content-type-options: nosniff
age: 35455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3471
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 14:59:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:06:07 GMT

Redirect headers

date: Fri, 07 Apr 2023 07:55:51 GMT
x-content-type-options: nosniff
server: cafe
age: 72071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/5124784873045547656
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 May 2023 07:55:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D308 16 KB
16 KB 139ms
58ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXAk5K2lx4KGQtTMWBQb6OxcGs5c_PTyj5VVKBo9wR6vqqbJer3zXDfesJquY&usqp=CAI

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5558ff5abadea6c680effca345feac36a302af14b5a557986d7ffa5abeda6d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 01:03:28 GMT
x-content-type-options: nosniff
age: 10414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16389
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 09:32:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 01:03:28 GMT

GET
H3

200

9794754301439884368
tpc.googlesyndication.com/simgad/ Frame D308
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPy-HUQRD0Axj0AzIIEFFLLFZFNqg
https://tpc.googlesyndication.com/simgad/9794754301439884368

42 KB
42 KB

22ms
22ms

Image
image/jpeg

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9794754301439884368

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea9339d345ec52bbedde9963994dd1a77ffabfbe8bbae98bd7131b40f6f5f8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 01:09:38 GMT
x-content-type-options: nosniff
age: 10044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42815
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 09:35:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Apr 2024 01:09:38 GMT

Redirect headers

date: Sat, 08 Apr 2023 03:44:36 GMT
x-content-type-options: nosniff
server: cafe
age: 746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9794754301439884368
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 May 2023 03:44:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA6 15 KB
16 KB 85ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 321952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2EA6 15 KB
15 KB 89ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 321951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:11 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8BC6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

63ms
32ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Sat, 08 Apr 2023 03:57:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA38 143 B
382 B 75ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2732 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da994bb9f52f8003feb94e6ec5230778c808e1d573e682ab3213e9387e0a694

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C3D6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66158cef853b0ccb38a1ed1076addcba0877ca5b946572432ce3b2820daff283

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D308 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95ee55ecca305b0d2ab379ee5c3fe559f935d0cb9a5e735928a58b0b4555806

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C3D6 20 KB
20 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 321958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2732 20 KB
20 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 321958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D308 20 KB
20 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 321958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H2 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 01CE 36 KB
14 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA38
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

29ms
29ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
URL: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:02 GMT
expires: Sat, 08 Apr 2023 03:57:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:02 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame F909 36 KB
14 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 627F 36 KB
14 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 22B4 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6375 0
861 B 21ms
20ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 03:57:02 GMT
AN-X-Request-Uuid: 887285f8-55e5-45e1-87ff-ad554ddef732
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8BC6 42 B
289 B 65ms
64ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszVMaWTatCpcTx-uMGOVkeoEHSRbbyM9RqpxcyLx60-c7ND8cAj5e8cx4HS7DDDLvc2Q_L4CSzSpWMf6dbeuCVa7JJ2j37sYrJLTGFJvzKH4wrxOc6AqNebsY5do6OefdoQJi45KwlICnc3x6j8weW3iV__O5CLjYv&sai=AMfl-YSUGGlRilnPPHRQMuxGBAgkKQ9iJHN9XP4N80VfkrKnZ3WUxQcSm3Gwt_jsX3dLXgduaJwU4OZRMVFO2BNH6B2GUs1EpEj_EIutDlyw2C1nsqmDd8DF-nIdcSP1&sig=Cg0ArKJSzHT789RHEulaEAE&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&id=ampim&o=1060,527&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=371&tls=1371&g=100&h=100&tt=1372&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
254 B 526ms
110ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003ALsQFAA1&gdpr=0&src=pbjs&ver=6.29.3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 08 Apr 2023 03:57:03 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
321 B 60ms
45ms XHR
application/json 54.154.21.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.21.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-21-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache
x-server: 10.45.22.199
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
393 B 47ms
46ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: cf21c64f1fad6afe9540b32bbe8d830934343b25b06c438437b1455e5c3b7ce9

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 08 Apr 2023 03:57:03 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 08 May 2023 03:57:03 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
186 B 677ms
333ms XHR
text/plain 204.237.133.242
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156537
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.242 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3D6 42 B
64 B 104ms
59ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi3gzkxtF35NB5Bwn9QXSQGq4-q9EqvODp-mx8uoP5pv2snIdc7SaWysS9qzgcIDTovXor-5N0ZmspT94GRbVxe0w3akSTmtUSF7nJE1Y-ObWPMJuOYkorOnZnKtW2GHzDQ-NASA&sai=AMfl-YQ7wDO26errLRFCmpTzXIPY0eW85zxOZCBKOwqpaSSZGkvUPKnIWnQZCxkRMDUAUiX4y5ZLwJR6sUdoSGhsPwY5TWhm3P_oBwxI7ekoEaFW7y1Tfdi3Y__vC3GV&sig=Cg0ArKJSzAd08U0Z6xeWEAE&cid=CAQSPADUE5ymGE5yYgUrpVnqgGxfBZm9wf9burfKqvmFt-9jBUa_dInFYNS-MIJRmJ3BfuPgUbyHruV0mmHyUBgB&id=lidar2&mcvt=1006&p=5,310,95,1290&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=598348027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680926222169&rpt=420&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 69ms
69ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c192277938a388715dcdf70b56044a1d3f2fa9c473da46400206a079a5a7e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11352
x-xss-protection: 0

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 33ms
32ms Image
text/html 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=567466018&rv=3430&cid=UA-64032556-12&l=UA-64032556-12.L986.S0.Y13.E2824.TC1.HTC0~gtm.init.S0.E189~gtm.js.S0.E214.TS5rep.TE0~gtm.dom.S0.E185~*.S0.E3~gtm.load.S0.E0~gtm.init_consent.S0.E190&qi=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 03:57:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A257 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 19:23:59 GMT
expires: Sat, 06 Apr 2024 19:23:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE0B 783 B
535 B 30ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

acdd8781391b6bf24f515570a5d64c8703980d2d3beebeb28418b78d51dd8a09

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hQtWDy7l75_8CaJqPRqTqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hQtWDy7l75_8CaJqPRqTqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 03:57:03 GMT
expires: Sat, 08 Apr 2023 03:57:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame A257 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE0B 0
0 53ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304030101&jk=3679870996066378&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A257 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sE_g0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CE8D 0
128 B 169ms
168ms Script
text/plain 104.36.113.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156537&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:49:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304030101&jk=3679870996066378&bg=!r6ylrPjNAAYIJb0jKCU7ADkAdvg8WviLLXLTvrmBb5ZEO6uUt_CTyuQazdtlT9A0eJUSIwUBkWNylqEXOS0tsZEsNUbtd4CbMmkCAAAAQlIAAAADaAEHmQKzjF3iGlIHJzihtIra4Oq7KFe4XG0iBU_trDgZkSPMahscIrwCzI5tcBdji9H81KLNSwCB1LDL4UJa1euEdxNvMEaZDh7AuiAzCTZMNCuiycau4uKBybS4X90Il9LkXJofN30xtAw-NICdNc_n1W56YS6cKbLWB-ysBhdacBLG5Eag_ZLyp9iIXQZBG3r1lsDk59aCB5BIW_U0fwH4SIBLcsSnpgLQCYe98MvlmpfOabdS9C00NC9H-g4yUBlyOD5IVHxcAdGTFET6pQKr0FNZeZQH8bMPe5K9AGM1c-0Um3QFwu7Oe9HM4c-DpBvc_9ks1oACzBtvSuzeIBtmi6NAwRTevBUxA-UytXHHVdX0QViwvCLcjEUFJPlS7bJAVmsmsEeePJz3cQR9JCCuJgWh5c6aUYBqpYkFv3L6CLgrgyAQmCfw2E2hvulSsNKExrI7BWhi30El126rpQ-77LS26PXB7JPI8aGer3g8B3hcHp6L4b0h6xl0T4_a0fH1TlpgZwRAvMuq18fxSmy4xhwJbfltEQWuiWNJSdbP327s3qSVtkrf29g_1gLR4lLSCpMrk8IV7aJzAirSkBZonlDCTFveTbjHlkRcZ_EV7rQ-zk8xMfcssa9LSYziIC4UiblYBz-G5JxMBjauYnJin008yS1vmFMZ-Xkamog792iJRj6ijDsd598jWumfuuVADSEMUfEpxZZ9bc5ywYNdp_FXFoo9MT48Dg_IFIIQNWaHsC8m22JaNMxpC33R5895MmyzjSPalSspCiTi3HJrA3iPSbMaleTYi3GALAZO3YsiFNgZSUGNBFFjB-tkA9GxA4RN3pUA9-Xuf9jn3O6Lmd0xnZAG84vm7nYHQqfbwYzRx0brhITVCSCIgU9pCB7sWTUN156mSJoJfDhQzzzSE2irFUD-Fg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 ibeat.min.js Show response
agi-static.indiatimes.com/cms-common/ 13 KB
5 KB 148ms
35ms Script
application/json 2a02:26f0:480:385::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://agi-static.indiatimes.com/cms-common/ibeat.min.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:385::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c2fedf955f2114ffaa39be325ae5bcb7f60de66f47a2291a691cd97a59c7021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:57:05 GMT
content-encoding: gzip
x-amz-request-id: PQ8F2XN9MWKQ0BB7
x-amz-server-side-encryption: AES256
content-length: 4251
x-amz-id-2: p4t/rv8FE1igIc1elHKUVmHvzJNe4Pb8yGpdVgdeXouO1EtMrDGo602kNsAvaOMFblMcLPeZ5Co=
last-modified: Thu, 09 Feb 2023 10:35:42 GMT
server: AmazonS3
etag: "b991f5c02126048fdfb1f1490e43b8c5"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-expose-headers: Date
cache-control: max-age=55539
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 08 Apr 2023 19:22:44 GMT

GET
H2 200 ping
api.ibeat-analytics.com/ 0
403 B 261ms
152ms Image
text/plain 2a02:26f0:480:c::210:f198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.ibeat-analytics.com/ping?&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&et=po&sid=15e60e35-26fc-44df-b731-18d8a326b2b5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&ln=0&ref=&ut=1&pot=1680926225914&at=5000&tt=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 08 Apr 2023 03:57:06 GMT
x-content-type-options: nosniff
server: Bhoot
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ibeatserv.indiatimes.com
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=3, ak_p; desc="466923_34664536_38832243_11487_4058_32_0";dur=1
access-control-allow-headers: content-type
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-77TJDBEN7S&gtm=45je3430&_p=2038072175&cid=1867847681.1680926221&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1680926220&sct=1&seg=0&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&en=Player%20Error&_ee=1&ep.event_category=Live%20TV&ep.event_label=Times%20Now%7C1xfny336u9&_et=916
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 03:57:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.timesnownews.com/	1970-01-20 11:38:38	Name: _pbjs_userid_consent_data Value: 3524755945110770
.timesnownews.com/	1970-01-20 20:24:14	Name: _cb Value: CGsNsVCwLBI4B4DMEF
.timesnownews.com/	1970-01-20 20:24:14	Name: _chartbeat2 Value: .1680926220927.1680926220927.1.7KUT-CDD3GCCPTas8BrkgDBfJW46.1
.timesnownews.com/	1970-01-20 10:55:28	Name: _cb_svref Value: null
.izooto.com/	1970-01-20 20:31:26	Name: IZCID Value: 42cc064e-156c-482a-8100-8d7c88100705
.timesnownews.com/	1970-01-20 20:31:26	Name: _ga Value: GA1.2.1867847681.1680926221
.timesnownews.com/	1970-01-20 10:56:52	Name: _gid Value: GA1.2.1083996617.1680926221
.timesnownews.com/	1970-01-20 10:55:26	Name: _gat_gtag_UA_64032556_12 Value: 1
.timesnownews.com/	1970-01-20 20:31:26	Name: _grx Value: b9bba92f-f05e-413c-9a3e-e27cb706058c
.rubiconproject.com/	1970-01-20 19:41:02	Name: khaos Value: LG7G2L03-1D-30FE
.rubiconproject.com/	1970-01-20 19:41:02	Name: audit Value: 1\|naVuGyos1qph0h8la2fDvLU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb/avFgRRzqJMcGo/FXllJk+QnGUMpWA3DXKY++jymV4/GQP1iLI3TC2Ou+Ayq12NSQ==
.mgid.com/	1970-01-20 10:55:28	Name: __cf_bm Value: 6lQhQ64bhV4CGA5T7uVSwDDcar4NDeEeNxVWEhwTbt4-1680926221-0-AeLI4uokK8TwB0IPpeJTcPQRer8mf1BPiH9/DFBWL9OJC0IeDE+XqpRgXpygoVI35xbPMpi4JjzhqU4wl4mXRTQ=
.adnxs.com/	1970-01-20 13:05:02	Name: icu Value: ChkI-7GJARAKGAEgASgBMI3Mw6EGOAFAAUgBEI3Mw6EGGAA.
.adnxs.com/	1970-01-20 13:05:02	Name: uuid2 Value: 818824508118379394
.casalemedia.com/	1970-01-20 19:41:02	Name: CMID Value: ZDDmDZV1vG.6jNd3IA-3iwAA
.casalemedia.com/	1970-01-20 13:05:02	Name: CMPS Value: 5292
.casalemedia.com/	1970-01-20 13:05:02	Name: CMPRO Value: 5292
.doubleclick.net/	1970-01-20 20:17:02	Name: IDE Value: AHWqTUldAPUkrznJm4e0xEa4W9Kn_rhZ48V5zaroqEl0k51I0xdM3uYLmxruvNOrU_Q
.rfihub.com/	1970-01-20 20:17:02	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjE0NjezNDAxMBPiM9Qt1bXMd3U2qfILKDAFADai4TYlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjE0NjezNDAxMBPiM9Qt1bXMd3U2qfILKDAFADai4TYlAAAA
.rfihub.com/	1970-01-20 20:17:02	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmFgaWRmZGRoZm4BAOVq3YIQAAAA
.ow.pubmatic.com/	1970-01-20 13:05:02	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaRERtRFpWMXZHLjZqTmQzSUEtM2l3QUFcdTAwMjY1MjkyIiwiZXhwaXJlcyI6IjIwMjMtMDQtMjJUMDM6NTc6MDEuNjMzNzExMzIzWiJ9fSwiYmRheSI6IjIwMjMtMDQtMDhUMDM6NTc6MDEuNjMzNjk0NjIxWiJ9
.everesttech.net/	1970-01-20 19:41:02	Name: everest_g_v2 Value: g_surferid~ZDDmDQABKdt0EABL
www.timesnownews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1122574%22%3A%7B%22page%22%3A1%2C%22time%22%3A1680926221824%7D%2C%22C1122598%22%3A%7B%22page%22%3A1%2C%22time%22%3A1680926221827%7D%7D
.indiatimes.com/	1970-01-20 20:31:26	Name: deviceid Value: 1ormo8bj1xi3xflykpaqhlnsv
.timesnownews.com/	1970-01-20 20:31:26	Name: _ga_77TJDBEN7S Value: GS1.1.1680926220.1.0.1680926221.0.0.0
.yahoo.com/	1970-01-20 19:41:23	Name: A3 Value: d=AQABBA7mMGQCEB06ZZJJf3pzPKWaSYf5Ml0FEgEBAQE3MmQ6ZAAAAAAA_eMAAA&S=AQAAAh1LpGJRutkeIpmeQGMop7g
.timesnownews.com/	1970-01-20 20:17:02	Name: __gads Value: ID=e95bf0e2d11b85f6:T=1680926221:S=ALNI_MY7WDneOnxOEB6IkeM5Z17fLh67dA
.timesnownews.com/	1970-01-20 20:17:02	Name: __gpi Value: UID=00000bd2c6106f3f:T=1680926221:RT=1680926221:S=ALNI_MaVoCRE13tAsA-cq_z6CihEXges2g
.pubmatic.com/	1970-01-20 19:41:02	Name: KADUSERCOOKIE Value: CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84
.pubmatic.com/	1970-01-20 13:05:02	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:56:52	Name: pi Value: 156537:2
.pubmatic.com/	1970-01-20 13:05:02	Name: DPSync3 Value: 1682121600%3A263_262_201_245
.pubmatic.com/	1970-01-20 13:05:02	Name: SyncRTB3 Value: 1681516800%3A223_2%7C1682121600%3A166_21_13_54_71_250_220_22
.linkedin.com/	1970-01-20 19:41:02	Name: bcookie Value: "v=2&93aeb5fa-ee1e-4e66-8547-02257d790882"
.linkedin.com/	1970-01-20 15:14:38	Name: li_gc Value: MTswOzE2ODA5MjYyMjI7MjswMjGKX/zisfa11qKgUnJc4mIafa+U50xxlz+5CO7zePXJQA==
.linkedin.com/	1970-01-20 10:56:52	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2894:u=1:x=1:i=1680926222:t=1681012622:v=2:sig=AQEasAprAYbdMujQSO2HSjaqFimMFaHR"
.amazon-adsystem.com/	1970-01-20 20:31:26	Name: ad-privacy Value: 0
.analytics.yahoo.com/	1970-01-20 19:41:02	Name: IDSYNC Value: "175w~2ayr:18z8~2ayr"
.3lift.com/	1970-01-20 13:05:02	Name: tluid Value: 4316064033037150237696
.turn.com/	1970-01-20 15:14:38	Name: uid Value: 2344634454930398067
.simpli.fi/	1970-01-20 19:42:28	Name: suid Value: 76A2BAB0F7204C359D0AAF4D0F3F67D1
.amazon-adsystem.com/	1970-01-20 17:21:21	Name: ad-id Value: A71zLrmNLk2cs7UyZxzdb_0
.pubmatic.com/	1970-01-20 11:38:38	Name: KRTBCOOKIE_80 Value: 16514-CAESELceS_-HxWGA5LvPKEORJ0Q&KRTB&22987-CAESELceS_-HxWGA5LvPKEORJ0Q&KRTB&23025-CAESELceS_-HxWGA5LvPKEORJ0Q&KRTB&23386-CAESELceS_-HxWGA5LvPKEORJ0Q
.doubleclick.net/	1970-01-20 10:55:29	Name: DSID Value: NO_DATA
.bidr.io/	1970-01-20 20:23:59	Name: bito Value: AAFQh07IYcwAACFHtdEdag
.bidr.io/	1970-01-20 20:23:59	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 11:38:38	Name: KRTBCOOKIE_22 Value: 14911-2344634454930398067&KRTB&23150-2344634454930398067
.pubmatic.com/	1970-01-20 11:38:38	Name: PugT Value: 1680926222
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7551607398d3d4dd
www.timesnownews.com/	1970-01-20 12:21:50	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-08T03%3A57%3A03%22%7D
.smartadserver.com/	1970-01-20 20:27:07	Name: pid Value: 7502919708882472317
.smartadserver.com/	1970-01-20 20:27:07	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 19:42:28	Name: csync Value: 127:AAFQh07IYcwAACFHtdEdag
.pubmatic.com/	1970-01-20 11:38:38	Name: KRTBCOOKIE_699 Value: 22727-AAFQh07IYcwAACFHtdEdag
.pubmatic.com/	1970-01-20 11:38:38	Name: SPugT Value: 1680900562
www.timesnownews.com/	1970-01-20 15:18:14	Name: _iibeat_session Value: 15e60e35-26fc-44df-b731-18d8a326b2b5
www.timesnownews.com/	1970-01-20 11:38:38	Name: _iibeat_vt Value: 20230308

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/gsi/status?client_id=516427900873-frpulpnsvv3886s9vlsc2pvq2nhj0uvg.apps.googleusercontent.com&as=GfWIizdHv31IROxdfWHttQ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=CA1F42D7-9DA3-46D8-8CE0-68774AE5AA84&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
agi-static.indiatimes.com
api.ibeat-analytics.com
apiprod.timesnownews.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c.mgid.com
cdn.ampproject.org
cdn.indexww.com
cdn.izooto.com
cdn.mgid.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f00e94c8f004a620697364a458c8dbc0.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoapi.tnn.in
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.rtbsystem.org
js-sec.indexww.com
jsc.mgid.com
jsso.indiatimes.com
jssocdn.indiatimes.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
onelinksmartscript.appsflyer.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s-img.mgid.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.growthrx.in
static.tnn.in
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
syndication.twitter.com
t.pubmatic.com
thrtle.com
timesnetwork-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
tvid.in
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.timesnownews.com
www18.smartadserver.com
104.109.78.125
104.18.10.47
104.18.11.47
104.244.42.72
104.36.113.107
104.36.113.111
104.36.113.112
104.36.113.67
108.138.1.25
13.32.121.37
151.101.66.49
172.217.16.194
178.32.210.227
18.64.94.60
185.183.112.148
185.64.189.110
185.80.39.216
185.86.139.101
193.0.160.130
198.148.27.139
2.19.228.175
2.19.228.187
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
204.237.133.116
204.237.133.242
2600:1901:0:8344::
2600:9000:2057:9600:18:1fcd:351:7bc1
2602:803:c003:200::21
2606:2800:220:de:468:2285:c1:4a3
2606:4700:1::6813:874e
2606:4700:1::6813:884e
2606:4700:3038::6815:eb89
2606:4700::6812:d941
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200d
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c1b::9b
2a02:26f0:1700:5::5f65:1b4b
2a02:26f0:1700:5::5f65:1b52
2a02:26f0:1700:78f::3857
2a02:26f0:480:385::3857
2a02:26f0:480:393::2a5b
2a02:26f0:480:c::210:f198
2a02:26f0:480:c::210:f1a2
2a02:26f0:480:e::210:f10e
2a02:26f0:64:681::3621
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42::714
2a05:d018:d29:3602:39b1:7ee6:8530:823e
3.71.149.231
34.95.81.168
34.98.64.218
35.171.222.142
35.204.158.49
35.71.131.137
37.252.171.22
52.44.158.125
52.46.155.104
52.95.126.160
54.154.21.107
54.220.57.170
69.173.144.139
69.173.144.165
70.42.32.31
76.223.111.18
88.221.169.49
00ba8e67fe032daa140484ad62f7204d61c0356a2fa3f6136b425a4cf9e1aeab
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
05fb8eca3cac855529e8d64b4323aed56d9e4ae01148ee6ee7a9140941e3e9ee
061a22aec83389ec9674e466370f4fb48e37fbb0f50802501eabe914b7046ac1
0685061a5b56cb23042f48001712ebd45e188a95181ebfbbea7bc9a30b65c1a6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0adb2c0646a607411b429d7f7a35fc778d7c4e2cb1d0c30ca645cd5192f48aaf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c175f94fbe20da20efa4ef57dcb795b8083a1a6127802dc0e67b2625653bd5a
0cb197f6f7bfd999dd8b16f4a17bbb3041d22ab7f8ed146a60cdcfb9190a7979
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0da994bb9f52f8003feb94e6ec5230778c808e1d573e682ab3213e9387e0a694
0dd73964e0d701c6ed31ada67ddfa6d69c4be7fca2bbe878994022549d2865c4
0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1
1085ca7b96d9f287bf35a440569948a42787e6a6b94144936149dee077b22277
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
28ad118d5a45f0c93ec68be77f9b897d87f304c79aeb840bbe141a4952a22ed1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a398551559147de00a9581403ae7e14230f11397e39e34887d0cbc5ed9c51d
34b579173efce5b56acd1e45a832614f1ba6889e7898718625eb2f036e855231
34bc7f5ab6e6987815a878b19f49b88fb9a8d45ed01c13395e416da4907055f9
3580ac6180dbd480e4bd070e260e6e62f1cea557ebb962e85a010828b3be6505
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
397850bc917afaa87d5ffce333fd3db75d324bb3a76249ab53cfd9e60197742b
3a49b1979c38d9739ecd887cbb3e321203ee6cee7a834251a1a3e46874b4df66
3c2fedf955f2114ffaa39be325ae5bcb7f60de66f47a2291a691cd97a59c7021
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
41565fe65c71db75a8ce0c368e7d2e0b42d71e2998425c1504841d2118e40418
43a787f1b2bb316fc89c7f479769f2a0380799658773fb9411e39fce5c2c785e
46117cd5dd92a7c23f9b9abe02a533f3b625ee59a4d4d5758122c6382516f0d6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47fec72b3ef9b5329633a37d162b6614f447f05727151c03f572b1efdb915625
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a41267c7756b5cf6db1c072691a33690c63eef8ce8725e81626b52032735602
4ad86e4afd6ec129c99738488c425fca45522ddd0231c46564e1e071d59e3048
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f24aba3c3acdc3cff6194d7831432e690322ecc87eddd54e68088675b4ab129
504550e6ee1114c232fac467bb6f5d061f3f88121bdd0650a7a17e836b0e7314
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29
543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9
54611c9417a165beb99460295779b8ef329db509edb0757262472485bfeb8179
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5558ff5abadea6c680effca345feac36a302af14b5a557986d7ffa5abeda6d4e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
57f3b1e8d2a63f8f0f5b74957b4c7b4545fc83be73ad87e185664697ead33ab7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c12412e5b955388e564f50c25cbb29545851e1bd36445081733542233b2214
5b710a6bbba5e00184faf5147ee6f301a3e1b75ffc03dca56f007e5e07a0886c
5c192277938a388715dcdf70b56044a1d3f2fa9c473da46400206a079a5a7e9a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6442b9ddd1a32ac3df7be8e7b134105a5a0a74030d934a891bc05ba5a69388
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ec84c5bd59f05ee9796b8e2044825dd5bcb9fa01eb02ea8298bb87fcab764ce
5ff815c2bbdba8aa147e44311990e054a5021de502e6cd79ffe7d04404ba9ac0
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640ad7901260e50fbe6d191ce8a1a60157ac03af086c7019c4e1c66f5edce304
644c15ebbf068765858a664c8d275ea376c3d5418612dfc246e77fd03ee017a5
65f471fef221d996710dc52325f851da7a84abb11e31349b8d9dbac03fb21688
66019a14c7a446b614109364529f0fc53ebf28e9dafcd3771121e19bfc50270f
66158cef853b0ccb38a1ed1076addcba0877ca5b946572432ce3b2820daff283
66d94c080fb79b680bfe06e973326cd7310c01a177a44d439b47cd6e4c20bd53
686f72e90972758db00d6a52914d2a8a5d849d4e12e4e871ca934d0bef17835d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c
6cf2f763bc558a79479c3151a2459902be51ee91e05806dfc4415f4e14ff66d6
6d60981e838ab9df007f58e3ab6a742bf6516d84b0204b838502fb951ddfa758
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f100a2a6a7cd2ccef3e79dbf46b5fa2821daf411ffd8e6429e4e6e62b26dae
731574e91e9031c7cf84fc4eaa7d40a90bd3f0bc513e35ab1f1737c448f3fcd1
73739839445b15229b65abe8f8ed4807707744fb255e36dcfefd7a25cdb63e59
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cd04f60065b6e31e98e97a89b616b2f46ac40ea2533bba749515688b4b8047
756cfeb191de2bf5cfab2ff9bbc379f6a6134241731a9caf52ae379499ec14d8
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a45e54b3007cf827926980231002644b7a75614e07febdecf41ed6ea47be063
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c81fb12693302c027fb6f81b8afe5c36f9a187ea9c11d98d3a47e40024f3705
7d756007634d0d47c5d681421e9df6e138995fe0f247c5c17f87277fb66a1092
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c1e1ac3c87115854e5bceffdf916959fb9278e9782dfb3124abe2b7dfb0379
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871748ce617e95467e09486a21c0fe250eaca2076205e37aab4ca6e1a7f3f330
8b0b4cf19e0e192f51a39a51df8b709a1019d01a95115c99396ad7c612f92b73
8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcfe2ca725aae40efb98cf072faec02766d4113cea792734e7ef92113159a26
8ed4f12d45ad102a0d1aaf6c11ce73253584361d3beafd7d4691f9ba506646ac
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
945ce4bfd4a41947475ac6658ccdb643abf94d3a76a1ac568b60ac66d96046f7
95ef23651da5043776c8f1da1d593e3a7ce538b0d7706c0961a1687487deb647
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98e038b4db16f5033bdca3ee0ecd9284afaf352695ffa5a32753fc996a12ebdf
9a4b16e67f4165970762075d032af6ef1b8eae1434ad8a8f704c669a03ea1d56
9a7027cdab37b77f122020b707c13ae811187252bf88f5a688558dc1d5d76fcf
9d753d7e4ff89a3ccb19db9079885345c3869bcfcd08118edbaacd605487fab7
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9feab3fefb0b32e8e59ee33031c8bc3918a76201441080fb072f93133ef9380d
a0da04921f18c4798b1f30208f918f4e8dac74dddc5aa652e9a614a938a1b8b9
a10e8022a6d12d036830dad50fe745b3b3f3247072c91be1ff1b9988f360f3e0
a45889dfbf4f434f10608a8ad9bbb501caa4d5e1b07238800528cc2e7ca27a5b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a510677284d928d6efbc9b2f3e9d88fe1bc8f0be327da4f8d634a9ff04f573fb
a741eb6a7948e21ae14aa87a17470a79a9a7a64df4a0993a42fa7f0b9ed83ead
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9c59d428ca2f246581987e8e3132db0c62e7e4ee64b823779940a2db0a32f79
ab716468482877fd517f038b636dd6d7604fbc6f5feaf865b4f6b7eb3a94edf9
abb10d49c1f03e714d921c0050900b4585c84f492b6946eef8afec8173d8b48e
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acdd8781391b6bf24f515570a5d64c8703980d2d3beebeb28418b78d51dd8a09
aeeb8dc0b990ac066d90f3ee37d372a4e4757ac06425797195b3d7af00afc76b
b0ee1b83a672e602c818711d3165f40b3c24571f136a76235b5e01bb542afd62
b0f8b4d39d44dbfb7a704e76c24c1fc06c425b8d438267059dd87dfe5164b0cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f1ff793b9ae11982096cb0c049cd0a0cee90b9cddfe72c35b33b370f743865
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb78d5f80df70d6980f7a6b09ba6493493baa5350c3ef31440bab58ea87279db
bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad
bc4c79e8d7f87579fa81d44b5d6bbda4bbe652abd26c90b30d1cd7a4e4451b43
bdbaf7ad9623cbf4cf34c4748d7ac5d760097fde17b3f46a3ae8fd3fc35d7bd9
c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c291d3b9a1e01ff91f0d4e19da2004530e0e7f191e93655cb6cf805f50bd4dff
c2d70a4a2a7922c9d02554ddf6fb2a4b4da58f003918251c6cbbadf9f6040878
c4ab1e75878be136902195ffa060c7627f882debc0e507d3748c83958b5e0293
cf21c64f1fad6afe9540b32bbe8d830934343b25b06c438437b1455e5c3b7ce9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1588d95d6698b243c121f7494595dab7b220e285baf9917a942ded852f307d1
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d570c010d78ce92e3dd1bb5f971ef4369f4542083a43e2b1ec697f89db9bdfc0
d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919
d5ffb8aef851fbf4e52ae7523e046182dc7837cefc22f118ff715a4b8f130867
d60b84b7316948dc5d2c9c0e04cba3abcd0900169da2433f6923d8b116293376
d80704b0ddb801ebac598b90b140210d78d0127bf097b8ad1a8ee8f3192b9386
da9d46dc7ae9a2c535b65a6bdf23b7f731bfe6733571fe87cd9655fca86bde08
dd8909252c52dfef05074dcac3a82cfc39a5bd431a45011ec7a205fd4d570b22
ddfd865e7f12769fb2bda5bcaa84657980cae7117acc679be6877a2d318909b5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
df76a18c81c9c3af8d3130e72d5df8ad2a3fcda74526c57bda644469ffd33f7e
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57a30e2ef18d808a1afa350e0b33e22376ef7a5b341e7d791dbe6486f345882
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
e93b7d5fabcfdc7f2e7966b3d2cfa76f322cc60d65c35d9ae1cfa155431abe7c
ea9339d345ec52bbedde9963994dd1a77ffabfbe8bbae98bd7131b40f6f5f8e7
ead6c80d76fadd0081de134430697e72f079197794936fae25f351a55907b6c7
eb87c2084b300197548fa2cc2a57245397503e02f88e9b322922a6ae08c8c3db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61c25677630be410af378334faf8cd0f2b903f5635da348cf7a78d9c4caceba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f90e7bd1d0187490f546431f0caa98a9109fe1c1024efd417acd98e38ee1dd73
f95ee55ecca305b0d2ab379ee5c3fe559f935d0cb9a5e735928a58b0b4555806
fe16f6ce2698fde7c1103654b0b5d7f39541993822d0d5c92181c4dd629054bd

www.timesnownews.com Open in urlscan Pro 2a02:26f0:1700:5::5f65:1b4b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

287 Requests

86 %HTTPS

52 %IPv6

50 Domains

97 Subdomains

75 IPs

9 Countries

3973 kBTransfer

11114 kBSize

58 Cookies

12 Outgoing links

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.timesnownews.com Open in urlscan Pro
2a02:26f0:1700:5::5f65:1b4b Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

86 %
HTTPS

52 %
IPv6

50
Domains

97
Subdomains

75
IPs

9
Countries

3973 kB
Transfer

11114 kB
Size

58
Cookies

287 HTTP transactions
6 data transactions