thewire.in Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Submission: On November 10 via api (November 10th 2023, 5:25:26 am UTC) from IN — Scanned from NL

Summary HTTP 295 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 92 IPs in 13 countries across 76 domains to perform 295 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is thewire.in. The Cisco Umbrella rank of the primary domain is 447846.
TLS certificate: Issued by E1 on October 6th 2023. Valid for: 3 months.

This is the only time thewire.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	129.227.190.211 129.227.190.211	21859 (ZEN-ECN) (ZEN-ECN)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	13.32.121.63 13.32.121.63	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.121 18.66.112.121	16509 (AMAZON-02) (AMAZON-02)
1	104.16.188.89 104.16.188.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:16bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:8fa1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	35.207.221.200 35.207.221.200	19527 (GOOGLE-2) (GOOGLE-2)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	34.160.108.227 34.160.108.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1a0... 2400:52e0:1a01::992:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700:10:... 2606:4700:10::6816:44f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.69.240 104.22.69.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	185.165.240.175 185.165.240.175	49981 (WORLDSTREAM) (WORLDSTREAM)
1	52.71.51.170 52.71.51.170	14618 (AMAZON-AES) (AMAZON-AES)
7	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
4 4	18.197.176.130 18.197.176.130	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
1	190.2.150.148 190.2.150.148	49981 (WORLDSTREAM) (WORLDSTREAM)
1	143.204.98.105 143.204.98.105	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1a0... 2400:52e0:1a01::1000:1	200325 (BUNNYCDN) (BUNNYCDN)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
6	212.8.250.43 212.8.250.43	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.76.48.154 54.76.48.154	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 7	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
5	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	178.32.210.226 178.32.210.226	16276 (OVH) (OVH)
12	52.31.140.196 52.31.140.196	16509 (AMAZON-02) (AMAZON-02)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.52.123.144 23.52.123.144	16625 (AKAMAI-AS) (AKAMAI-AS)
2	99.81.57.59 99.81.57.59	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	104.18.23.145 104.18.23.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.8.169 104.26.8.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3 7	143.244.213.152 143.244.213.152	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	13.32.27.99 13.32.27.99	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.250.149.102 34.250.149.102	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:5c00:1f:4c18:bd40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	18.205.170.196 18.205.170.196	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
1 1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	3.221.87.219 3.221.87.219	14618 (AMAZON-AES) (AMAZON-AES)
2	3.120.44.6 3.120.44.6	16509 (AMAZON-02) (AMAZON-02)
1 1	23.38.80.21 23.38.80.21	16625 (AKAMAI-AS) (AKAMAI-AS)
10	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.72.176.107 52.72.176.107	14618 (AMAZON-AES) (AMAZON-AES)
2	2a05:d018:d29... 2a05:d018:d29:3601:4c00:85ae:82c6:552b	16509 (AMAZON-02) (AMAZON-02)
1 1	52.70.1.191 52.70.1.191	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.167 124.146.153.167	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
4 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 4	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 2	44.195.172.121 44.195.172.121	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.32.27.28 13.32.27.28	16509 (AMAZON-02) (AMAZON-02)
1 2	54.171.198.71 54.171.198.71	16509 (AMAZON-02) (AMAZON-02)
1	72.251.241.196 72.251.241.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.95.32.73 141.95.32.73	16276 (OVH) (OVH)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
295	92

19 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thewire.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.thewire.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
frontend.thewire.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.227.190.211 (New Delhi, India)

ASN21859 (ZEN-ECN, US)

cdn.adgebra.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-63.fra60.r.cloudfront.net

connect.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.knightlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-121.fra56.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.188.89 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:16bf (United States)

ASN13335 (CLOUDFLARENET, US)

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8fa1 (United States)

ASN13335 (CLOUDFLARENET, US)

srvr.dmvs-apac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.207.221.200 (Mumbai, India)

ASN19527 (GOOGLE-2, US)
PTR: 200.221.207.35.bc.googleusercontent.com

adgebra.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.108.227 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.108.160.34.bc.googleusercontent.com

cdn.adgebra.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a01::992:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

cdn.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:44f0 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.69.240 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.51.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-51-170.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.176.130 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.64 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.2.150.148 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-148.hosted-by-worldstream.net

ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net

public.flourish.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a01::1000:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

b2cdn.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.8.250.43 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

cdn.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.48.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-48-154.eu-west-1.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.21 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.31.140.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.57.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-57-59.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c05::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.244.213.152 (North Bergen, United States) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

us-east-pbs.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.93.169.131 (United States) 2 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.149.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-149-102.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.211.47 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:5c00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.170.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-170-196.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.87.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-87-219.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.44.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-44-6.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.80.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-80-21.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.176.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-176-107.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:4c00:85ae:82c6:552b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.1.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-1-191.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.167 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.172.121 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-172-121.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.198.71 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-198-71.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.73 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-007.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	322 KB
27	vidverto.io ad.vidverto.io — Cisco Umbrella Rank: 30159 cdn.vidverto.io — Cisco Umbrella Rank: 40183	475 KB
19	thewire.in 1 redirects thewire.in — Cisco Umbrella Rank: 447846 cdn.thewire.in — Cisco Umbrella Rank: 736228 frontend.thewire.in — Cisco Umbrella Rank: 944851	1 MB
16	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	65 KB
15	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	179 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2437 public.servenobid.com — Cisco Umbrella Rank: 5174	9 KB
12	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1591 usersync.gumgum.com — Cisco Umbrella Rank: 2098 rtb.gumgum.com — Cisco Umbrella Rank: 1589	4 KB
10	smartadserver.com 3 redirects prg8.smartadserver.com — Cisco Umbrella Rank: 19490 ssbsync.smartadserver.com — Cisco Umbrella Rank: 774 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	5 KB
10	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	73 KB
10	automatad.com 3 redirects go.automatad.com — Cisco Umbrella Rank: 69812 cdn.automatad.com — Cisco Umbrella Rank: 89531 b2cdn.automatad.com — Cisco Umbrella Rank: 200231 us-east-pbs.automatad.com — Cisco Umbrella Rank: 168127	44 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	167 KB
9	adgebra.co.in adgebra.co.in — Cisco Umbrella Rank: 48036	23 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	29 KB
8	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609 secure.adnxs.com — Cisco Umbrella Rank: 495	35 KB
7	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683 ce.lijit.com — Cisco Umbrella Rank: 882	3 KB
7	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	24 KB
7	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	856 KB
5	creativecdn.com 4 redirects prebid-asia.creativecdn.com — Cisco Umbrella Rank: 22680 creativecdn.com — Cisco Umbrella Rank: 592	2 KB
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
4	casalemedia.com 1 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1335 contextual.media.net — Cisco Umbrella Rank: 691 hbx.media.net — Cisco Umbrella Rank: 1337	12 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	159 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	445 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
3	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3706 cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	250 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1922	781 B
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 539	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	1 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 522	676 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	69 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 868	2 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	1 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	754 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523	26 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1638	2 KB
2	atmtd.com scripts.atmtd.com — Cisco Umbrella Rank: 62784	117 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5077 q.quora.com — Cisco Umbrella Rank: 3698	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	91 KB
2	soundcloud.com connect.soundcloud.com — Cisco Umbrella Rank: 114966 w.soundcloud.com — Cisco Umbrella Rank: 16508	42 KB
2	adgebra.net cdn.adgebra.net — Cisco Umbrella Rank: 65739	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	13 KB
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 1674	350 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1392	283 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208	693 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1055	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1439	274 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751	156 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 931	401 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	465 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851	434 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460	370 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1545	160 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	46 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481	677 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	flourish.studio public.flourish.studio — Cisco Umbrella Rank: 23168	7 KB
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 53225	155 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10367	259 B
1	adgebra.in cdn.adgebra.in — Cisco Umbrella Rank: 492083	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10244	408 B
1	dmvs-apac.com srvr.dmvs-apac.com — Cisco Umbrella Rank: 99610	13 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386
1	knightlab.com cdn.knightlab.com — Cisco Umbrella Rank: 62264	10 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	24 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	31 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	11 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1969	51 KB
295	76

	Domain	Requested by
47	pagead2.googlesyndication.com	thewire.in pagead2.googlesyndication.com imasdk.googleapis.com www.google.com tpc.googlesyndication.com
21	ad.vidverto.io	cdn.adgebra.in ad.vidverto.io thewire.in imasdk.googleapis.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net thewire.in
12	ads.servenobid.com	scripts.atmtd.com public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
10	usersync.gumgum.com	g2.gumgum.com
9	adgebra.co.in	thewire.in adgebra.co.in
9	thewire.in	1 redirects thewire.in
8	cdn.thewire.in	thewire.in
7	us-east-pbs.automatad.com	3 redirects b2cdn.automatad.com thewire.in
7	onetag-sys.com	ad.vidverto.io scripts.atmtd.com public.servenobid.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	prg8.smartadserver.com	scripts.atmtd.com
6	ib.adnxs.com	3 redirects scripts.atmtd.com acdn.adnxs.com
6	cdn.vidverto.io	thewire.in
5	ap.lijit.com	scripts.atmtd.com public.servenobid.com b2cdn.automatad.com
5	fonts.gstatic.com	fonts.googleapis.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com ssbsync.smartadserver.com
4	creativecdn.com	4 redirects
4	eus.rubiconproject.com	public.servenobid.com g2.gumgum.com eus.rubiconproject.com
4	ads.pubmatic.com	b2cdn.automatad.com scripts.atmtd.com public.servenobid.com g2.gumgum.com
4	csi.gstatic.com	imasdk.googleapis.com
4	x.bidswitch.net	4 redirects
4	imasdk.googleapis.com	ad.vidverto.io imasdk.googleapis.com
4	securepubads.g.doubleclick.net	www.googletagservices.com go.automatad.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	match.adsrvr.org	g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	c.amazon-adsystem.com	go.automatad.com c.amazon-adsystem.com
3	platform.twitter.com	thewire.in platform.twitter.com
3	fonts.googleapis.com	thewire.in
3	www.googletagmanager.com	thewire.in www.googletagmanager.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	rtb-csync.smartadserver.com	2 redirects
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	live.rezync.com	1 redirects ssum-sec.casalemedia.com
2	i.liadm.com	2 redirects
2	cm.g.doubleclick.net	1 redirects g2.gumgum.com
2	c1.adform.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	g2.gumgum.com ssum-sec.casalemedia.com
2	us-u.openx.net	2 redirects
2	match.sharethrough.com	public.servenobid.com ssbsync.smartadserver.com
2	ups.analytics.yahoo.com	public.servenobid.com
2	p.rfihub.com	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	bh.contextweb.com	2 redirects
2	i.clean.gg	cadmus.script.ac
2	hb.minutemedia-prebid.com	scripts.atmtd.com
2	a.teads.tv	scripts.atmtd.com
2	prebid.media.net	scripts.atmtd.com
2	hbopenbid.pubmatic.com	scripts.atmtd.com
2	script.4dex.io	scripts.atmtd.com script.4dex.io
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	ads.betweendigital.com	2 redirects
2	scripts.atmtd.com	go.automatad.com
2	frontend.thewire.in	thewire.in
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	thewire.in connect.facebook.net
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.adgebra.net	thewire.in
2	cdnjs.cloudflare.com	thewire.in go.automatad.com
1	www.google.com	tpc.googlesyndication.com
1	wt.rqtrk.eu	ssbsync.smartadserver.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dsum-sec.casalemedia.com	ssum-sec.casalemedia.com
1	tg.socdm.com	1 redirects
1	rtb.gumgum.com	g2.gumgum.com
1	match.deepintent.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	contextual.media.net	scripts.atmtd.com
1	acdn.adnxs.com	scripts.atmtd.com
1	public.servenobid.com	scripts.atmtd.com
1	image6.pubmatic.com	ads.pubmatic.com
1	prebid-asia.creativecdn.com	scripts.atmtd.com
1	cadmus.script.ac	script.4dex.io
1	syndication.twitter.com	platform.twitter.com
1	27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hb-api.omnitagjs.com	scripts.atmtd.com
1	s0.2mdn.net	imasdk.googleapis.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	b2cdn.automatad.com	go.automatad.com
1	public.flourish.studio	thewire.in
1	ad.vidver.to	thewire.in
1	a4p.adpartner.pro	1 redirects
1	q.quora.com	thewire.in
1	cdn.automatad.com	go.automatad.com
1	a.quora.com	thewire.in
1	cdn.adgebra.in	adgebra.co.in
1	www.facebook.com	thewire.in
1	www.google.nl	thewire.in
1	stats.g.doubleclick.net	www.googletagmanager.com
1	srvr.dmvs-apac.com	thewire.in
1	go.automatad.com	thewire.in
1	js.hs-scripts.com	thewire.in
1	w.soundcloud.com	thewire.in
1	cdn.knightlab.com	thewire.in
1	connect.soundcloud.com	thewire.in
1	code.jquery.com	thewire.in
1	www.googletagservices.com	thewire.in
1	use.fontawesome.com	thewire.in
1	www.googleoptimize.com	thewire.in
295	116

This site contains links to these domains. Also see Links.

Domain
thewirehindi.com
thewireurdu.com
support.thewire.in
facebook.com
twitter.com
www.instagram.com
www.youtube.com
bit.ly
vidverto.io
www.hindustantimes.com

Subject Issuer	Validity	Valid
thewire.in E1	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adgebra.net Sectigo RSA Domain Validation Secure Server CA	`2023-02-20` - `2024-02-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-24` - `2024-02-25`	a year	crt.sh
knightlab.com E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
dmvs-apac.com GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-19` - `2023-11-17`	3 months	crt.sh
www.adgebra.co.in Go Daddy Secure Certificate Authority - G2	`2022-12-18` - `2024-01-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.adgebra.in GTS CA 1D4	`2023-09-20` - `2023-12-19`	3 months	crt.sh
quora.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
cdn.automatad.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
atmtd.com E1	`2023-10-07` - `2024-01-05`	3 months	crt.sh
ad.vidverto.io R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
public.flourish.studio Amazon RSA 2048 M01	`2023-04-11` - `2024-05-10`	a year	crt.sh
b2cdn.automatad.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.vidverto.io R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
us-east-pbs.automatad.com R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Frame ID: B0F39743755057B20C451D47B9B6BC25
Requests: 154 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: CCEE3BA60BE60C3A88C3A02FC4B25A76
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fthewire.in
Frame ID: 86D4F1E08182C266BC7DE89F575AB280
Requests: 2 HTTP requests in this frame

Frame: https://thewire.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: DAA31C1110419DC53B8CB2B521B8F2E5
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 8F09D0224FCCE3D1318C8884EEBE9339
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6114863792501481&output=html&adk=1812271804&adf=3025194257&lmt=1699593912&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699593909962&bpp=4&bdt=1676&idt=2049&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=532339527080&frm=20&pv=2&ga_vid=1227439951.1699593909&ga_sid=1699593912&ga_hid=10435213&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079404%2C44798934%2C44807460%2C44807763%2C31078301%2C44806139%2C44808148&oid=2&pvsid=4346626498519&tmod=1184487915&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2511
Frame ID: F685745E2E8748B11D55B61280CCC9D2
Requests: 1 HTTP requests in this frame

Frame: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Frame ID: F3F9CEA7DCF6A9892A0A02571D846946
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Frame ID: 60627684CB54C547AF6387E17FB54844
Requests: 51 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Frame ID: 6940AE7144580764B52231B52FDF78B5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Frame ID: A26AF2CCCE7C9BFAD4A4B4A3D037F01E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 12674C373B3B40A1AF645461C1BA050B
Requests: 1 HTTP requests in this frame

Frame: https://27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D6F3A0220B1149F3AF809FFA54B9D79
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1699593913324
Frame ID: 18BD35B75A5C449A6CFB9C8DFC693823
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Frame ID: C2503435DB453E8B4BDAB1C31ACAEC15
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 96B26B9B832AD2223B5FD40462BA1B5F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: 123EDE6C682A950A689156E8201CC7D0
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 96A846D1EAF2C60C034B82FAA337376B
Requests: 13 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13404110
Frame ID: 52E428498181DEFDD367C00F3F3DCD73
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 19F31226CC69279A8A93FF1B49213A94
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160148
Frame ID: 7AE619D3E9AF40AB74C788E1A8359DEF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1699593915159
Frame ID: 0D77D5B229034FC243A05C220D54ED26
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKH8M64&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: ECA9E4C332DD33EF5F81D8D599922E56
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 70A89E9AAC0EAB4F5746527366575A6B
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: BE07CDDFA72582ADAECA61829E3DC8B9
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 404C8C7F27E2D3A05B432F739C824DCE
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 8ABE1315713CB9F3DE3E954ED38F700E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 7F34794AB37165A4EB0253E43A7E9CB3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: D0A7B2F1166A550AB803761A3D307DEC
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F5476439605829091FA60429F939354C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: ACB9FD48B2E038C5F8BB29A9B693D962
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 382221865FCE9711AB739B8F953A17A8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4082930082235494054&gdpr=0&gdpr_consent=
Frame ID: 64C7C3826946F8E124B6D01B2D5D578A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWVmZDZlNS1lNzZkLTRiYjMtYWM1ZS0wMTMxZGM2YjVkY2E=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 1A73809CBC48E1852C4B56F3B7A6C3D6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9A25289AC1EDE70183F5B5DC3152BE57
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: DFBCB02918F1717FF4AA0F1F7F011D90
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZU2.v8Co8X8AAE6WlywAAAAA
Frame ID: C19E58901378D237BCED7128CA1D5407
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=FL6Wku007pCRtLUJ1VND&pi=gumgum&tc=1
Frame ID: 3E16C610CA38EB6A75FB0EA797C4274C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BDDEBB3661C6EBFAA55C94A95FDDF137
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.atmtd.com%2Fs2s%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 208234B11498B2D79DD615E6BD3A5022
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EF19F4AE93C4B002A075720F54D00AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9A9A440F92C2E7213BFDFF75700326D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

After AIIMS, Delhi's Safdarjung Hospital Reports Being Hit by a Cyber Attack in November

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

295
Requests

90 %
HTTPS

31 %
IPv6

76
Domains

116
Subdomains

92
IPs

13
Countries

4712 kB
Transfer

16234 kB
Size

82
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://thewirehindi.com/
Title: हिंदी

Search URL Search Domain Scan URL

URL: http://thewireurdu.com/
Title: اردو

Search URL Search Domain Scan URL

URL: https://support.thewire.in/
Title: Support Us

Search URL Search Domain Scan URL

URL: https://facebook.com/thewire.in

Search URL Search Domain Scan URL

URL: https://twitter.com/thewire_in?lang=en

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thewirein/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/TheWireNews?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://bit.ly/3QwybO3

Search URL Search Domain Scan URL

URL: https://vidverto.io/

Search URL Search Domain Scan URL

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=thewire.in

Search URL Search Domain Scan URL

URL: https://www.hindustantimes.com/cities/delhi-news/safdarjung-reports-cyber-attack-no-serious-damage-101670005574302.html
Title: reported

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://thewire.in/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://thewire.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 72

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=4734e38c-1f92-48f2-9f87-756d1a659863&p_id=23

Request Chain 73

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=80277530-0f0c-499a-9173-2ad33d40e43b&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=80277530-0f0c-499a-9173-2ad33d40e43b&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=7466321252778511655 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=3c6e4a92-baab-523a-b6d7-8a7bd39a34c3&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=97119c1f-f6c5-45c2-847d-5a3195db1e04&p_id=15

Request Chain 217

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://us-east-pbs.automatad.com//setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205 HTTP 301
https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205

Request Chain 220

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841 HTTP 301
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

Request Chain 231

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 232

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 237

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=2756809943040819841

Request Chain 238

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HoZlqRZHOYZCpIGWTJWHiu2a

Request Chain 240

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699593918623 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8693264525 HTTP 302
https://sync.1rx.io/usersync/turn/8324606202955567102?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-47322927-19ca-4ba6-b630-a85f1b189122-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-47322927-19ca-4ba6-b630-a85f1b189122-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-47322927-19ca-4ba6-b630-a85f1b189122-003

Request Chain 241

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5124322329459643486

Request Chain 243

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 245

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-a008e0b2-77c4-37c0-9e50-fd98588a465e

Request Chain 248

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 249

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841 HTTP 301
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

Request Chain 250

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2756809943040819841

Request Chain 251

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=97119c1f-f6c5-45c2-847d-5a3195db1e04&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 252

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=dffef7b9-888a-406f-b164-7dd6ad3ed36b

Request Chain 253

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c$ip$95.211.199.131

Request Chain 255

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=f9045b76-c89c-433b-8eba-abcf86bd70bd

Request Chain 257

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=XnJZF1dsCyRk6cMksuh8&gdpr=0&us_privacy=1---

Request Chain 258

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=bGq9jg7ic2En&ev=1&pid=558355

Request Chain 259

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=739854086290466249

Request Chain 261

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=4082930082235494054&gdpr=0&gdpr_consent=

Request Chain 265

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZU2.v8Co8X8AAE6WlywAAAAA

Request Chain 266

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=FL6Wku007pCRtLUJ1VND&pi=gumgum&tc=1

Request Chain 267

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkk_QznUjZfCPQgofiZ7d0&google_cver=1

Request Chain 270

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 271

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=00d6709e07044c639a0357806f461a14 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=00d6709e-0704-4c63-9a03-57806f461a14 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=7ae55a68-dddd-41ac-88d2-461725581aaa%3A1699593919.3784947&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-461725581aaa%253A1699593919.3784947%26_%3D1699593919.3806906&cb=1699593919.380725 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329459643486&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-461725581aaa%253A1699593919.3784947%26_%3D1699593919.3806906

Request Chain 272

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167

Request Chain 273

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FL6Wku007pCRtLUJ1VND&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1

Request Chain 278

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5979474532530316720&gdpr_pd=0&gdpr=0&gdpr_consent=

Request Chain 279

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent=&dcc=t

295 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request delhi-safdarjung-hospital-cyber-attack Show response
thewire.in/health/ 38 KB
11 KB 1363ms
1316ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0839ae4064aa36b16aa50e673dec923963cb9ce6eaf2cad783b270ef2adc1268

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 823bdf7e9dc92c6b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 05:25:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwaQwkAYXj5k1YlTfyb6u9Usu1RzaJyIbVOWJ01ECI2q03Dg05ENnFq7uJREFf%2BPGQEga9UlG85xu8mjLDH4H5%2F8GezisaxJAy7t8tP6XGVVVoYVQdKXLkzwIcN53nofhZjWCgjSmwsd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
90 KB 410ms
61ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-65DW8NFTWS

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a137c6f0c6d5056888bc215696e2c3ce04a906fd7e07bef82ecfcfe559559eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 133 KB
51 KB 497ms
30ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WRQD7VJ

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4942a61945ec7c3aaf632e4e1dd5249dea7615756c7d3672d76d169e041a53e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51704
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
69 KB 369ms
36ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MT9SQQS

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e91db88ab60963c82f145a3634d4eb4f04c738e386702a9192ac72066cd7c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70173
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 556ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76OviXPRp8KFanz9KNXst3Rv9lLmbd0mRioDj%2FzywcX3yGxxF6piAzGh4XyuEOON9DptWrr0Qlek6%2Bsr0EnNzqTYzEE3Yd2xw3wEhOHhHH58uwgWYshAxxGdJVsGzQbPOQgfxMTmoYsNz1pCxWHeB3T5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 823bdf8c2cbc0482-FRA
expires: Wed, 30 Oct 2024 05:25:09 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 796ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163792
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhO7uLwGD%2FRwqzYwVvZ1WQC%2B6pU4V4%2BGtrbXA%2BnoN3YjX95PrhBidVuJD9jKA1HnIQFEdeKgLRwpHm0P5EWTatRQHuNjzA8O6Yz4fnzxODN%2BpTuZxL2DnQqbJM1qnQVZNdafbqS9Gw8Zw37N73uFJjOH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 823bdf8db8d74d3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 materialize.min.css
thewire.in/public/vendor/materialize-css/dist/css/ 139 KB
22 KB 340ms
336ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/public/vendor/materialize-css/dist/css/materialize.min.css
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 781244
etag: W/"65322859-53bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nScbRgLX8OwtuFu6XVtGChSLwQYCWK9L%2F%2FmAFuRKtFE7p2HbV29enG2ykbpkNEaYmS363J0fDGbnM9SuVK1ZI4q6XhJdUUJOoYKulXSjZltVQDaTuiLvFeDPrJ0H%2FUeIRpBHeTGCg%2Fpb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 823bdf88fdf42c6b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.main.deccd80a7fdd3a02a500.css
thewire.in/public// 772 KB
91 KB 35ms
31ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/public//styles.main.deccd80a7fdd3a02a500.css
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f70eaab1fd5f72c79c22ab477b6716271d7c8cd8842f631f96131a8022b11f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318873
cf-polished: origSize=790264
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Nov 2023 12:49:19 GMT
server: cloudflare
etag: W/"6548e0cf-42828"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgQaoQZl5ydFrPPlICZvgmaswSgYKD68pwslu3%2Br7Wtt4Yiy9DK3i99ucXNNRIME59hI83eh2yx%2FbES1CL6sJUyopshPXmzsPHmOFr1%2FFRlaWHx2642o1JawqD3pv2BgNxWfGuQ3%2BRXI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 823bdf88fdf62c6b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 393ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2885b50cd377b00440d2061dd229f968c4a24228fff9eef0076f0886a645d433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52605
x-xss-protection: 0
server: cafe
etag: 7722352404653845781
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 103 KB
31 KB 169ms
81ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d4ae21b3fbd9dbe98b36f430b4d56b079bbdd29db5739f3b57cc780a2aca65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31638
x-xss-protection: 0
server: cafe
etag: 397 / 19671 / 31079530 / config-hash: 1836788181091444997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 thewire_1.js Show response
cdn.adgebra.net/custom/jsfile/adpushup/ 799 B
1013 B 1035ms
325ms Script
text/javascript 129.227.190.211
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adgebra.net/custom/jsfile/adpushup/thewire_1.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.227.190.211 New Delhi, India, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Zen/2.7 /
Resource Hash: 68822d83fe064896a2cc9317fe941e8ddfcf43ccdae69622169f0af8aeeb37ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
via: https/1.1 IN.DEL1.837.E.190.211 (Cache-6.1.14)
content-encoding: gzip
age: 2299509
x-guploader-uploadid: ADPycdtgDZQ9bEf_3zmhwTq0JqlnIOxr5XjQ_iASpmum2lSap_Ty4FnL8wYdPu3jVRrqKOBHpregEXvQcA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cache-server: ZenCache
x-goog-stored-content-encoding: identity
hittype: TCP_MEM_HIT
last-modified: Thu, 20 Apr 2023 09:08:56 GMT
server: Zen/2.7
etag: W/"c0a698202b87d8ac5ac714d7a4206554"
x-goog-generation: 1681981736284549
content-type: text/javascript
x-goog-hash: crc32c=YjRMVQ==, md5=wKaYICuH2KxaxxTXpCBlVA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 799
expires: Sat, 14 Oct 2023 15:40:00 GMT

GET
H2 200 jquery-3.6.0.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 101ms
29ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Referer: https://thewire.in/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4791710
x-cache: HIT, HIT
content-length: 24587
x-served-by: cache-lga13624-LGA, cache-ams21045-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699593909.704278,VS0,VE0
etag: W/"28feccc0-11ab4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 164, 11746

GET
H2 200 wire-logo.svg
cdn.thewire.in/wp-content/uploads/thewire-app-images/ 1 KB
1 KB 378ms
366ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/thewire-app-images/wire-logo.svg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dccd4a386783ad94f41a889ffed96038034664a22a4c41c75cbbdcd3ceb46b94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
age: 437
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 13:09:05 GMT
server: cloudflare
etag: W/"9b956441bbca85aa73dea5a015c189e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upSbbc6gxto67KeS7R%2BQJolgc9oRPAYBLAJbt%2FWbE8eHtoe0Hv7BIlgPLoRMbH5SnrY88DiCf22SH41BaBC6ZU0CpBa6kIt6a1sopD9wQenUZKXEkRXS8D7dMUNKoZtgj5DYqP5wL2AWvgHxBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=300
cf-ray: 823bdf890e032c6b-FRA
x-amz-cf-id: taIhSNnFTNygz6Eq-EEJFedp7AphxgjXoX-tT3JdSYy7xyPeIUqXVw==

GET
H2 200 header-search.svg
cdn.thewire.in/wp-content/uploads/thewire-app-images/ 1 KB
1 KB 378ms
366ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/thewire-app-images/header-search.svg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c28815103cfee18922df043f4d9c7f51cf2025f5469bb5fb8db6bbda7bb2debd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
age: 698
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 13:09:04 GMT
server: cloudflare
etag: W/"da7a13748d169b3439c76420e7dc992d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: https://thewire.in
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xw44oOy%2F%2BfVoxR4AIpXGAC5jtif30OGprg2yvqtsLbHT8sglT7pz0sxp5jnTv77WsTFWxfVVp1Mgm4%2BFQellwb0mZABtY6AkQYnRFoCXKJrC7PgM6L8UHtrYF4UngWtdrYQ9pdIjO6FAd5oBGw%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=300
cf-ray: 823bdf890e062c6b-FRA
x-amz-cf-id: 8cFc4dlndi6wxKdWhHWURz9DYz9nA4zefh-0FFcF7-4PcSfBtyktRA==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
898 B 147ms
98ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif+Caption

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b729c1b11b86e24f68c54e0ea077b0abadaf772db8a342e19c7d79b1217fdd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 05:24:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 05:25:08 GMT

GET
H2 200 Families-of-patients-outside-Safdarjung-hospital-copy-1200x600.jpg
cdn.thewire.in/wp-content/uploads/2020/03/25195305/ 194 KB
195 KB 1083ms
1082ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2020/03/25195305/Families-of-patients-outside-Safdarjung-hospital-copy-1200x600.jpg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9289cfce5b494a012aeb89f68536a034995ef24333c7b225a2b32e7254d9c8ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 198765
last-modified: Wed, 25 Mar 2020 14:23:08 GMT
server: cloudflare
etag: "cbcdcbba70964b0c8ee117ee1230ad88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXvlYXroFhM5huOLF%2BgRlsD9NHIgwTNnlyop8r3CzFTyAjk%2F9Z%2FqzK0MApx7pw0y9V3Y8IT6u4Nd7rpBjRuOim8eDG%2BIE5geRwHBRtI8Ap2HhXW4hs%2B%2BEZiLgWs%2BqkDb91jeC3sbrmQ0cLujdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdf8a0ecf2c6b-FRA
x-amz-cf-id: ATVBld9dfbOprKW8WeIt7FK8-LQblHesNavzQehbLcSWG27EKaxdcQ==
expires: Thu, 25 Mar 2021 14:23:07 GMT

GET
H2 200 wire-logo.png
cdn.thewire.in/wp-content/uploads/2019/02/13133501/ 10 KB
11 KB 202ms
202ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2019/02/13133501/wire-logo.png
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285108e47958f617dee7d583e1bb28c4900d451998f9eb5be99b49a641b75b02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
via: 1.1 57a7a97927e18893c09f2a95e57175ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: BOM51-C2
age: 769511
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10367
last-modified: Wed, 13 Feb 2019 08:05:03 GMT
server: cloudflare
etag: "282ac0f5c4caa113aef7ef078a17145a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwRsoaqbFzaUVor8FlyV91JDVvqdFEFk%2FFZlsv2TtIdx6m%2F%2BTCJcbLRhqLrVx%2BYKm6DCVrb2g8zcAweJ9K9n%2FXt4rJjnvMe3ej9hIDPkyP6TBVj5%2BYC2pYJznSiR1ynwh0jnC8jFj%2F3L0efpDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdf8a1ede2c6b-FRA
x-amz-cf-id: azzvOWQ0J4IxWWMza-j9CW8j6V-9vlSCLTHzRzMmq_54CaAlVnhjPg==
expires: Thu, 13 Feb 2020 08:05:01 GMT

GET
H2 200 app.main.deccd80a7fdd3a02a500.js Show response
thewire.in/public// 2 MB
468 KB 363ms
361ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/public//app.main.deccd80a7fdd3a02a500.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64426d77cc6bdf77f7fac60e26116d9c5bed8822a11b9396efe297fc109aafd2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318873
cf-polished: origSize=1769989
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Nov 2023 12:49:19 GMT
server: cloudflare
etag: W/"6548e0cf-8220a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNz6Qk2wyFKuNwVr0a1y8Huz2UAGbH9%2FRgn4Bb8HdlLttJMhEzolp%2FnuLhjZNPrUUebkECoFoDBLPBTCt4bXZeJozZAGFaD2P0uhIaiVUoBitlpR%2BDCZ5t48M3kCWeYUtBIJOkUeAHEp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 823bdf891e082c6b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 543ms
25ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:09 GMT
Content-Encoding: gzip
Age: 733
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6BA7)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.soundcloud.com/ 38 KB
38 KB 220ms
117ms Script
application/javascript 13.32.121.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.soundcloud.com/sdk.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc0986e2d8f4af4b26611039c261a62f88bf3cf088a4f8634d567b98753c340

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:10 GMT
x-amz-version-id: null
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 15:22:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "56aee59029c986cdef0050ddfce3c7ae"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 38812
x-amz-cf-id: r8ltnUTZJAnEUVCzH4tKHpqUppNp7HyaB2ITsFode1-T1uLOgWVHIQ==

GET
H2 200 soundcite.min.js Show response
cdn.knightlab.com/libs/soundcite/latest/js/ 10 KB
10 KB 606ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.knightlab.com/libs/soundcite/latest/js/soundcite.min.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07732cf9164d5e50028ce5df4cb74a587f4a9a6282896085dc5187b74fe48cbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: UTF-8
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5Y6FS8G9PCXM1PXJ
age: 140
alt-svc: h3=":443"; ma=86400
content-length: 9847
x-amz-id-2: fgqfqlDRvDnQsPnMUcNav5knX/3G37On5CdwhChiqgq3EGS0MnLSyIpkfowLdEkha+1HueGR7Pw=
last-modified: Mon, 10 Jul 2017 20:05:10 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:admin/uname:germuska/gid:80/mode:33188/mtime:1499717068/atime:1499717084/md5:d827cccceac0a543604b1c6af01570e1/ctime:1499717072
etag: "d827cccceac0a543604b1c6af01570e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGy8r4shE2ioTCZiFNfbgodBrPhMsn3mmStdT9QZRk44QMi3C0vfCbcGzTtAasqYX7mYt5sqFyG7W24E%2BRgWD%2Bl%2FliW%2FhdXQrUWikoizh1aiD4FOusVR%2B5H3cpKLyAdKl7vy%2Fj4b9%2FnqOIe1XkrvbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823bdf8efb681963-FRA

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
4 KB 185ms
124ms Script
application/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js?ver=1.0

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-121.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
via: sssr, 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 30 Oct 2023 10:13:54 GMT
server: am/2
x-amz-cf-pop: FRA56-P5
etag: W/"15a4-18b80135ad0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: 2x0B_M6CbEiXovKcWQUUIXpeM-9oTsz6-N3SQz4X9lj_6vQTS87DRg==

GET
H2 404 detail.css
thewire.in/public/ 0
0 363ms
362ms Stylesheet
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/public/detail.css?ver=1.0
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWr79GMDm27ttlUa9FoMlKmk2XKpRfFXRNMMUZ2Enl3ZniINtQufG6M3vNUCu%2BZhrbnlio%2FMZOJUoq8DHEGZTOb20k3AX960NqciycQnAiC9weSSSMvwjvz4Sbt5vTJkbb6FTfjhvGYh"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 823bdf891e0a2c6b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 410 4347679.js
js.hs-scripts.com/ 0
0 375ms
33ms Script
application/json 104.16.188.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4347679.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.188.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 afihbs.js Show response
go.automatad.com/geo/LGXtf7/ 122 KB
21 KB 717ms
394ms Script
application/javascript 2606:4700:10::ac43:16bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0423d1a3a28b42f7eca64f196a5aa459b25dbd9d7705043a7a8c2d46c034311f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
x-amz-version-id: Ga8o6M3X4eFaXU3h_lNJDDDp6fz__LO6
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: PA6JVZCW9AH7DG29
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xsnyINugHt8re//SapCpzg9XB1/ArTLoi1JbQw9u7NzXmqtxQrl67uaN3z9860e4djY7AfZc2GU=
last-modified: Mon, 04 Sep 2023 11:24:17 GMT
server: cloudflare
etag: W/"76fec929769dc9ea86e955c931a04a39"
vary: Accept-Encoding
content-type: application/javascript
x-automatad-country: NL
cache-control: max-age=120
cf-ray: 823bdf8e6e5e30ea-FRA
x-automatad-device: W

GET
H2 200 dm-ce.min.js Show response
srvr.dmvs-apac.com/v2/ 47 KB
13 KB 195ms
50ms Script
application/javascript 2606:4700:3030::ac43:8fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srvr.dmvs-apac.com/v2/dm-ce.min.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539dc8c0af21a812ea8601ff9d73664c58cd197bbaf36c6243befecf31c6ee4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1389
x-cache: TCP_HIT
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 21 Feb 2023 08:13:40 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-azure-ref: 20231109T010115Z-dmwk1m3g491af6yecba877z35n0000000090000000022k2n
content-type: application/javascript
x-ms-request-id: 051411b9-401e-0050-4c19-111e1f000000
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGWO%2BemSoObdRZtezS%2FOAvs57l8W9viRCzjn747IpoPjrqj6NL6W3BPEXKGa%2FNzl5zvxqf3hi5tXhzPWwKJN0ulBWqcrvOloM4yNhoG8MEdl9nNfWK81Gmdd1RgFPNg8htyJoFly1nZ%2FRRkbSfwwLk0%3D"}],"group":"cf-nel","max_age":604800}
x-ms-version: 2009-09-19
cf-ray: 823bdf8d5b795d91-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 42ms
41ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-65DW8NFTWS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT9SQQS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

409aa29035df3891b3fb210c527adba7bb3aea94f90a1895580436cf6213c043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 05:25:08 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 47ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-65DW8NFTWS&gtm=45je3b81v870102618z8866113002&_p=1699593908378&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1227439951.1699593909&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699593908&sct=1&seg=0&dl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=After%20AIIMS%2C%20Delhi%27s%20Safdarjung%20Hospital%20Reports%20Being%20Hit%20by%20a%20Cyber%20Attack%20in%20November&en=page_view&_fv=1&_nsi=1&_ss=1&ep.userID_event=null&tfd=1924
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65DW8NFTWS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewire.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 389ms
92ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-65DW8NFTWS&cid=1227439951.1699593909&gtm=45je3b81v870102618z8866113002&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65DW8NFTWS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewire.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 357ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-65DW8NFTWS&cid=1227439951.1699593909&gtm=45je3b81v870102618z8866113002&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=549496890

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
998 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500|PT+Sans:400,700|PT+Serif:400,700,700i

Requested by

Host: thewire.in
URL: https://thewire.in/public//styles.main.deccd80a7fdd3a02a500.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c1c1c200c9293a2f74ff7fc2fde7dfe2dbb5fe5f1500a828340032ce199e420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 05:25:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 05:25:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: thewire.in
URL: https://thewire.in/public//styles.main.deccd80a7fdd3a02a500.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:37:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 05:25:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 59ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 05:25:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 14d78mG4isUTQvphwz0Ot806bL2QerEMwxii/wTdY0t+3c/tt6MIOWzacaQ1px9PRhHf0GK888OQiY4AH601Dw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 afph.js Show response
adgebra.co.in/afph/ 677 B
845 B 927ms
302ms Script
application/javascript 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afph/afph.js?p1=6014&p2=&p3=0
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:10 GMT
via: 1.1 google
last-modified: Wed, 06 Sep 2023 18:00:12 GMT
accept-ranges: bytes
content-length: 677
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript

GET
H2 200 GetAfpftpJs Show response
adgebra.co.in/afpf/ 6 KB
2 KB 925ms
303ms Script
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e2f40fb6de657e7a786f10b9b75c31604532d0b63a10fbf87194b9955964a00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 05:25:10 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
vary: accept-encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

450328db287c39d7254b673a7c467d084c2d7fabcaf0881340e8c91153d3aa64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138456
x-xss-protection: 0
server: cafe
etag: 6489454326836715904
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:25:09 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 286ms
236ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500|PT+Sans:400,700|PT+Serif:400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 17:51:14 GMT
x-content-type-options: nosniff
age: 41636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 17:51:14 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 93ms
43ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500|PT+Sans:400,700|PT+Serif:400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:39 GMT
x-content-type-options: nosniff
age: 5491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 03:53:39 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 173ms
124ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500|PT+Sans:400,700|PT+Serif:400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:06:34 GMT
x-content-type-options: nosniff
age: 40716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:06:34 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 479ms
430ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500|PT+Sans:400,700|PT+Serif:400,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:05:16 GMT
x-content-type-options: nosniff
age: 8394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 03:05:16 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame CCEE 9 KB
4 KB 331ms
282ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 38047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 18:51:03 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 18:51:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ 427 KB
134 KB 406ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18205
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136817
x-xss-protection: 0
server: cafe
etag: 14142176788290477171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 00:21:45 GMT

GET
H2 200 1031643143533563 Show response
connect.facebook.net/signals/config/ 140 KB
37 KB 121ms
120ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1031643143533563?v=2.9.138&r=stable&domain=thewire.in

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0e267f245cd5cdecefff821742d9d166584e58a027ac67dea9db49277a55aca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 05:25:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bY4YCbx/J3TiBl8de/ulp5n6jHiTq+A2y8gCta9Z9m3GSyEuvGwtZMJNKZwbxbAY8bZmddkEfwAfUh+wR25bOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 259ms
80ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1031643143533563&ev=PageView&dl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&rl=&if=false&ts=1699593910612&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699593910608.1049905467&cs_est=true&ler=empty&it=1699593910176&coo=false&rqm=GET

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Nov 2023 05:25:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 afphChild.js Show response
adgebra.co.in/afph/ 4 KB
2 KB 301ms
301ms Script
application/javascript 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023111006
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afph.js?p1=6014&p2=&p3=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:10 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 06 Sep 2023 18:00:12 GMT
accept-ranges: bytes
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/javascript

GET GetImageDetails
adgebra.co.in/Adg_Analytics/ 0
0

GET
H2 200 RFPSegmentDomainReaderServlet Show response
adgebra.co.in/afpf/ 98 B
334 B 900ms
301ms XHR
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/RFPSegmentDomainReaderServlet?sitename=thewire.in
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023111006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 040dfa23ca88069e2acc6a9d7f1b6eafbb35d483f2230149ac8ac3438f0b6ff7

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 05:25:11 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST

GET
H2 200 TPHtmlTemplate Show response
adgebra.co.in/afpf/ 28 KB
4 KB 734ms
321ms XHR
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/TPHtmlTemplate?p1=6014&p2=null&p3=1&p6=5829&p7=0&p8=0&refUrl=https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack&p4=thewire.in
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/GetAfpftpJs?parentAttribute=afpftpPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 7d623e03a57f70c1ce57a31ec81c47ae104315eaa5fb2f89ca62534dda963b09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
vary: accept-encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 206696744 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 466ms
75ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/206696744?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7411e404c220ae946c251130e35de8581ecebb864aa8184a525df4bb9a5a3f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cle4IxttJp-a6JvlXzHlgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-cle4IxttJp-a6JvlXzHlgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 delhi-safdarjung-hospital-cyber-attack.json Show response
frontend.thewire.in/article/ 4 KB
2 KB 833ms
689ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.thewire.in/article/delhi-safdarjung-hospital-cyber-attack.json
Requested by: Host: thewire.in
URL: https://thewire.in/public//app.main.deccd80a7fdd3a02a500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3176dad4408f88d6e8f2fe3806132295be248e736ade0ce3e8004925124f2aa2

Request headers

Accept: application/json
Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;multipart/form-data

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Dec 2022 03:56:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638ebd74-1108"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vznIZ%2BDeQ2DXS9Pom2eDXQpVo%2BwV9f8GLR7KbN%2BRfPPwNT%2BmnVuGi1BLMtnztrZ8LvCugn4pCtad75Mpf%2FQnsl9LDbbVnmeox6Iys0moycHg4KIoLzyvzM9MTrLiz0hyUPtZtFLF6iaa%2Bq0vSauwm%2FN2"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cf-ray: 823bdf9ffcf02bc5-FRA
access-control-allow-headers: Range
alt-svc: h3=":443"; ma=86400

GET
H2 200 delhi-safdarjung-hospital-cyber-attack.json Show response
frontend.thewire.in/also/ 2 KB
1 KB 805ms
661ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.thewire.in/also/delhi-safdarjung-hospital-cyber-attack.json
Requested by: Host: thewire.in
URL: https://thewire.in/public//app.main.deccd80a7fdd3a02a500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e75cd871752609786d732a54d98237069a566bbf2cb46a096a03b327164fe37

Request headers

Accept: application/json
Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;multipart/form-data

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Dec 2022 03:56:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638ebd74-9ab"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAEaYTPnG1HabRNu04HQlobBUU4sQ6N%2Fj1RAJDEVnqXEDliQv7%2BvJvg2qEMWTnXmCftx%2FzFowNQmmF04eoMvAGLHnfRZAzwvD7w6nrEmtIxJ0QLbfmEJ8Z5UeQe9dRNaUpmAigVsAbuU1JbkhcrCNBBD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cf-ray: 823bdf9ffcef2bc5-FRA
access-control-allow-headers: Range
alt-svc: h3=":443"; ma=86400

GET
H2 200 thewire.js Show response
cdn.adgebra.in/custom/jsfile/vidverto/ 866 B
1 KB 61ms
14ms Script
application/octet-stream 34.160.108.227
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adgebra.in/custom/jsfile/vidverto/thewire.js
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023111006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.108.227 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 227.108.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eac21187916702f6fe946b42fc8b65fe42f57d626620325477edc29fa47ce22e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:41:12 GMT
via: 1.1 google
x-goog-meta-goog-reserved-file-mtime: 1663592695
age: 2640
x-cache-status: hit
x-guploader-uploadid: ABPtcPrwVveyrQseupfZyY1QrWzhGripvBNMM-jLLttNs8xz0p4T2Y680uXNA7cEqRcvOPVnJyNiNRS2AeXptO74jilttTqJXwlo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 866
last-modified: Tue, 20 Sep 2022 21:15:24 GMT
server: UploadServer
max-age: 31536000
etag: "1346861a83789151230c2c57bbcff2c3"
x-goog-hash: crc32c=09UiAw==, md5=E0aGGoN4kVEjDCxXu8/yww==
x-goog-generation: 1663708524378458
content-language: en
content-type: application/octet-stream
cache-control: public
x-goog-stored-content-length: 866
accept-ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 15ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:12 GMT
Content-Encoding: gzip
Age: 736
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6BA7)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 81ms
29ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5K57PBR2A0025GG8
age: 2024730
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rvPsThAgQkJShQQ2J7UMgDJ+mUUBMPz6v4o52Qjy3F2U8CcHm7z1WCN2wGkAgqOAkDHbpFzSZ2Y=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 823bdf9fb92265c1-FRA
expires: Fri, 10 Nov 2023 09:25:12 GMT

GET
H2 200 afpf.js Show response
adgebra.co.in/afpf/ 401 B
486 B 301ms
300ms Script
application/javascript 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/afpf.js?p1=6014&p2=0&p3=0&p4=&p5=
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 89f3720a41e038f20df288f117212b2abafc40763263c6219c925e2d7fd37853

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:11 GMT
via: 1.1 google
last-modified: Wed, 08 Nov 2023 16:32:12 GMT
accept-ranges: bytes
content-length: 401
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript

GET
H2 200 iiq_tag.js Show response
cdn.automatad.com/js/ 51 KB
14 KB 2216ms
357ms Script
application/javascript 2400:52e0:1a01::992:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.automatad.com/js/iiq_tag.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::992:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-992 /
Resource Hash: 7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
cdn-edgestorageid: 954
cdn-storageserver: DE-197
cdn-cachedat: 03/19/2023 14:03:23
cdn-pullzone: 50108
last-modified: Mon, 31 Oct 2022 13:32:25 GMT
server: BunnyCDN-LA1-992
cdn-fileserver: 290
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"635fce69-cdcf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: dc73ecc91897d3db06066adcc44eb6b3
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 103 KB
31 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

736499b1d4ee23cba4b08523a3495d700ce6f9707b61f5abecd9b99e809b6878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31642
x-xss-protection: 0
server: cafe
etag: 449 / 19671 / 31079531 / config-hash: 1836788181091444997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:25:12 GMT

GET
H2 200 prebid_LGXtf7.js Show response
scripts.atmtd.com/yetijs/ 366 KB
116 KB 209ms
61ms Script
application/javascript 2606:4700:10::6816:44f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:44f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848d94007dc11d424a39605182bd5f46e4fce0e7ff9600c6424b6d6e9ea57860

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
x-amz-version-id: Zheu3IgE1TI3.k4Y6.zHxnMXdn9868ra
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Aug 2023 12:50:04 GMT
server: cloudflare
x-amz-request-id: 87ABTA8R05QAS8V7
age: 79980
etag: W/"54ce051b113184be26e6693e6fef114b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 823bdfa06a293625-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Y4lurEfgVDqLQp4TJqh97hdk3MNezW7Ab81wcFNLJ8ZTybV3r7x06hZYMXdRw/5wguu8ESkrV6c=

GET
H2 200 currency.json Show response
scripts.atmtd.com/yetijson/ 2 KB
1 KB 604ms
253ms XHR
application/json 104.22.69.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.atmtd.com/yetijson/currency.json
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 436463dbbd471e6aae3cc0faf1b1598e276a77c83f6e5fd862a716dd16bf4451

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
x-amz-version-id: SHMxbv6U_Og0FlrhneaGAJ0RHFApdMxE
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: S4PKKKMNGKRY3MHG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZTkkcyn4wazg2s/9Ijd4QZS7PNjwMN/jZRFivYdEYjNUUOdxtdiYfQ7ftC8DgG2xDVwdQ0AnjGk=
last-modified: Fri, 10 Nov 2023 00:50:14 GMT
server: cloudflare
etag: W/"c9afd58aa58b83ec7ea94b8371308041"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=57600
cf-ray: 823bdfa1ac8665b3-FRA
x-amz-meta-mtime: 1699577403.926865516

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 86D4 319 KB
104 KB 804ms
37ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fthewire.in
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2710370
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Nov 2023 05:25:13 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA1)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3

200

main.js Show response
thewire.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame DAA3
Redirect Chain

https://thewire.in/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://thewire.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

50ms
50ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thewire.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5017d167832a48dae388a3bd2f95c4f85e950d3ae4e2d73ff2cbef3b0cbeb950

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcEdaFXnOtxtOi5z9%2FCU5dla6F%2BrQCC%2BjSW4dpkAqz%2Bi0KMrROKzvIN6XFr%2B3u6DLe8cuOx6hoUVDqKaYkrTHCNAKsfCSTvvVkmcvATLkqqWNTf5XfVUmtAakv4AvbRFryXXJXS1a9CK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 823bdf9fb83b9a18-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 10 Nov 2023 05:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGgbt8uY9ttynXG2rkY73UOuhlCEu%2FLvEpFSvPQz%2BNx8hYoHMDrF%2FnyhDys784osNU%2BI9DP3wsW7tKjyBKd%2F61%2B8Zn9Pxvx9HUqycBuLMI9fHbKgQGFysnViH6OUsLTwQN2XuyNZz5gM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 823bdf9f881d9a18-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 62ms
14ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: cdn.adgebra.in
URL: https://cdn.adgebra.in/custom/jsfile/vidverto/thewire.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 13:45:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebdf6-66b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/51111dc9618c430a88277626385f41e0/ 43 B
421 B 428ms
105ms Image
image/gif 52.71.51.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/51111dc9618c430a88277626385f41e0/pixel?j=1&u=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&tag=ViewContent&ts=1699593912296

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.51.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-51-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:12 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,53404e2be3d2efe40611b55ea3ca3562,10.0.0.50,27594,95.211.199.131,,174098217725,1,1699593912.674,0.001,,.,0,0,0.000,0.004,-,0,0,203,81,40,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 58 KB
17 KB 79ms
79ms XHR
application/json 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=thewire.in&pzoneid=8405&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=thewire.in&top_url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&domain=thewire.in&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&referrer=&async=1&uid=3943443143&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7ae70d67d57da61e5924e7b66fab509fd965f545d40d9e20fbb285d1bf25e262

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

POST
H3 200 823bdf7e9dc92c6b Show response
thewire.in/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DAA3 0
550 B 37ms
35ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thewire.in/cdn-cgi/challenge-platform/h/g/jsd/r/823bdf7e9dc92c6b
Requested by: Host: thewire.in
URL: https://thewire.in/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xstAXtPkFFy6SkrMzCEFPZiCa2nEDQi5s%2F0MmCCayVWk1fnB8%2FTvsJkACV0RcCMi04xZ%2Bjym1O6C9Dwx19Q%2FTPkhJVSg51lJZohkWT1DNV7kPbdUYFG5eBtwUkh953n%2F0bw9exB0IXUx"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 823bdfa0c9229a18-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 /
onetag-sys.com/usync/ Frame 8F09 0
0 88ms
22ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 363 KB
125 KB 411ms
35ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127386
x-xss-protection: 0
expires: Fri, 10 Nov 2023 05:25:12 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 20ms
13ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 60 KB
13 KB 21ms
15ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2023 13:43:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651c1a89-ee50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 88 KB
23 KB 21ms
19ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=6b3d840047cc1b6c7dacde8c06286fff
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 731b9c77f15954baf2aafdc7aedd6e228bae8bb90de6d6621e3c402ac66f776d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 18:02:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"654bcd44-161ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 130 KB
41 KB 30ms
28ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 15:40:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65427166-20687"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 293 KB
98 KB 46ms
44ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2023 15:09:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6537de23-49456"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:12 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 14ms
13ms Stylesheet
text/css 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=4734e38c-1f92-48f2-9f87-756d1a659863&p_id=23

0
151 B

30ms
29ms

Image
text/plain

185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=4734e38c-1f92-48f2-9f87-756d1a659863&p_id=23
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=4734e38c-1f92-48f2-9f87-756d1a659863&p_id=23
date: Fri, 10 Nov 2023 05:25:12 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=80277530-0f0c-499a-9173-2ad33d40e43b&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=80277530-0f0c-499a-9173-2ad33d40e43b&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=3c6e4a92-baab-523a-b6d7-8a7bd39a34c3&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=97119c1f-f6c5-45c2-847d-5a3195db1e04&p_id=15

0
155 B

51ms
13ms

Image
text/plain

190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=97119c1f-f6c5-45c2-847d-5a3195db1e04&p_id=15
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=97119c1f-f6c5-45c2-847d-5a3195db1e04&p_id=15
date: Fri, 10 Nov 2023 05:25:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 35ms
35ms Image
image/png 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Fri, 17 Nov 2023 05:25:12 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F685 20 KB
5 KB 288ms
287ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6114863792501481&output=html&adk=1812271804&adf=3025194257&lmt=1699593912&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699593909962&bpp=4&bdt=1676&idt=2049&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=532339527080&frm=20&pv=2&ga_vid=1227439951.1699593909&ga_sid=1699593912&ga_hid=10435213&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079404%2C44798934%2C44807460%2C44807763%2C31078301%2C44806139%2C44808148&oid=2&pvsid=4346626498519&tmod=1184487915&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea09668a15867d88baef41cef4d46e69a75c9f5fb6597609c43f39ab81dae9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:25:12 GMT
expires: Fri, 10 Nov 2023 05:25:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVWpRLaJHrAB_K10e5LRTL0xgfID6OwsIrFdHc9ke3TYYc6Pg8-0Ny7ScY_ydtAxORHCsZSth0IRzdONAjEk7xVFSXJfd_Sek2njMlpl3S3eyBByeKT1a_X2YBsQNC7Fgo183Zpiw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWpRLaJHrAB_K10e5LRTL0xgfID6OwsIrFdHc9ke3TYYc6Pg8-0Ny7ScY_ydtAxORHCsZSth0IRzdONAjEk7xVFSXJfd_Sek2njMlpl3S3eyBByeKT1a_X2YBsQNC7Fgo183Zpiw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkzOTEyLDQ4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aGV3aXJlLmluL2hlYWx0aC9kZWxoaS1zYWZkYXJqdW5nLWhvc3BpdGFsLWN5YmVyLWF0dGFjayIsbnVsbCxbWzgsIlFtZnRvbWtIdWpnIl0sWzksIm5sIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.QmftomkHujg.es5.O/am=CAM/d=1/rs=AJlcJMyzPDuL2-SAwlqgfl2QTMxMRq0f_A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1381c8c162e998fe5c8bd4fe525042c2e63c65df7ebe11b4485b251394567056

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YeimR4erLKK-glwhPv1hMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-YeimR4erLKK-glwhPv1hMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afpfChild.js Show response
adgebra.co.in/afpf/ 48 KB
13 KB 396ms
396ms Script
application/javascript 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023111006
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpf.js?p1=6014&p2=0&p3=0&p4=&p5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: a2f31ef0df161b787fc0a7e5ec20bcf3d3e5c24c0f2176fb5c5656b545af1654

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 08 Nov 2023 16:32:12 GMT
accept-ranges: bytes
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/javascript

GET
H3 200 AGSKWxXgjDoZ3rA4w6FeBf0X1uB89iQhol5Rxc_5D2xcGcRfTPdrJmiVit0vArCOPu8xnb4xsqmUZuzuz2U4RSu9Yhd2CBMk5ptI4tUqVqfFqnvp0uTEhPh-2Tw2_97U9EKkeH5nqsFn4A== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXgjDoZ3rA4w6FeBf0X1uB89iQhol5Rxc_5D2xcGcRfTPdrJmiVit0vArCOPu8xnb4xsqmUZuzuz2U4RSu9Yhd2CBMk5ptI4tUqVqfFqnvp0uTEhPh-2Tw2_97U9EKkeH5nqsFn4A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkzOTEyLDU2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly90aGV3aXJlLmluL2hlYWx0aC9kZWxoaS1zYWZkYXJqdW5nLWhvc3BpdGFsLWN5YmVyLWF0dGFjayIsbnVsbCxbWzgsIlFtZnRvbWtIdWpnIl0sWzksIm5sIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

902c14b25019b0d78dec985b8e08ec85aa351f224d5e6bbd138a93d903ab429b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hZO7qLusX2Wsa05JyuFpvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-hZO7qLusX2Wsa05JyuFpvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 100ms
28ms XHR
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 684890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6679
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CQNuAsKHVkTYjeTcV7WGDwBk9Pn0NAMJ%2BWHXsvwfbBdTcBWLtnd1hKId8LVVO3VnRzIxTyuSvrSqlbdbWuxlIQcJ88Lb%2BeFqlF7DXrlwCypuE9AoyMRL%2Bk%2F0%2BxAfjPCmQDgBNAvGkndXxxSAItJSBmI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 823bdfa3bcb09a21-FRA
expires: Wed, 30 Oct 2024 05:25:12 GMT

GET
H2 200 site Show response
adgebra.co.in/afpf/ 4 B
73 B 301ms
300ms XHR
text/html 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/afpf/site?p1=6014&p2=23111006&p3=aiims%20cyber%20attack%2Caiims%20servers%2CLatest%20headlines%2Clatest%20news%2CSafdarjung%20Hospital%2CSafdarjung%20Hospital%20cyber%20attack%2CSafdarjung%20Hospital%20delhi%2Ctop%20headlines%2CTop%20News&pixel=6014
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023111006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 803ac20b0345e3d5d741dc1c443d7d60034c564966758dee4254daa2ffaed607

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:12 GMT
via: 1.1 google
access-control-allow-credentials: true
content-length: 4
content-type: text/html;charset=UTF-8

GET
H2 200 embed.js Show response
public.flourish.studio/resources/ 20 KB
7 KB 71ms
19ms Script
application/javascript 143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/embed.js
Requested by: Host: thewire.in
URL: https://thewire.in/public//app.main.deccd80a7fdd3a02a500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-105.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 997ca0b1cc154c71522c1d2171ec97c8df949b3378c809493355bc5f37b39e7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: T4HYLcpFNVeeCFEg469cIrRLFcjIyrfH
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 05:20:26 GMT
x-amz-cf-pop: FRA50-C1
age: 287
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 16:44:11 GMT
server: AmazonS3
etag: W/"118cd0701cfbdadf5f2ef2a0e4928aad"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: _3BBTc7Oni6Ba2mztzwfZsD9IiFDzj0rVkmzHXkbCQdAQCUz2Hk59w==

GET
H3 200 E5CVDS2QK5IRDGBGK46CPKQO6E.jpg
cdn.thewire.in/wp-content/uploads/2022/10/20152443/ 116 KB
117 KB 899ms
898ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2022/10/20152443/E5CVDS2QK5IRDGBGK46CPKQO6E.jpg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9607dedba0d574a54ba468572f8503fce02288031364033467dfbe7eac46677

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 118725
last-modified: Thu, 20 Oct 2022 09:54:44 GMT
server: cloudflare
etag: "548b26e2530763157357bb99532fd8f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAhESR9QUFNCLrJtBH40Hy2amoaCfWryl32Y%2FqNoSK7bo1acYIrUAkUxcsOIdyavcmPonNbQDl2ycT%2FpEoQd%2FlUdlp3ysiE4ScmhsHfgNtEOyjEjHeVbIvKJnlTz%2FwFNFZwBRE%2FkWvVDIrGf9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdfa42bd89a18-FRA
x-amz-cf-id: -G9UIbCSTcqQUikoPWk1TwJYUsFUXTkvSYibZCrAbjsq7F90HMZjUQ==

GET
H3 200 2022-12-01T074942Z_3_LYNXMPEIB01J8_RTROPTP_4_HEALTH-CORONAVIRUS-CHINA.jpg
cdn.thewire.in/wp-content/uploads/2022/12/01134332/ 310 KB
311 KB 4567ms
4567ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2022/12/01134332/2022-12-01T074942Z_3_LYNXMPEIB01J8_RTROPTP_4_HEALTH-CORONAVIRUS-CHINA.jpg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4ce76d8d63fb815180a54174dadf787f86abe33498aa8f7178ee6055f96f52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 317270
last-modified: Thu, 01 Dec 2022 08:13:33 GMT
server: cloudflare
etag: "8f07a93e5f41abd676be98a6e6157a13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrBu9XQuwLZ78mIkJYSNDY64IDz48NVcsC1psHh95sH38sh06NYa2Pq1tFHYY02dJ8DNFlwf0ohoy%2FX8W6uVnB4ZkEx1PDRWpYA8DcBauc%2F4IKIespVbpAAAtDLsAIdxib%2Btnucl7Eic%2FmZaLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdfa42bda9a18-FRA
x-amz-cf-id: qI1U3ybp276FD_qofNVxFqQ2evhBqi3g_htEeyjQuMOL3vql7uZW0A==

GET
H3 200 AIIMS-file-3-k0jB-621x414%40LiveMint.jpg
cdn.thewire.in/wp-content/uploads/2018/01/10170232/ 64 KB
65 KB 843ms
842ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2018/01/10170232/AIIMS-file-3-k0jB-621x414%40LiveMint.jpg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db14043debab749d1f520f381ef39249f412dfabb16b92f127b34a032699880

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 65944
last-modified: Wed, 10 Jan 2018 11:32:39 GMT
server: cloudflare
etag: "bb2ed4d36c122497dbad35ad58aad8c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjQ6cZIKE1AIOpCzjUr8789XM27vaClfCaS2QvygZbH6vj%2FC%2Fqah5PKG1dtorrmb5sBonTgtuYub0AwS0T8u%2FiRBhFvq6nOMep7tpMVvcfuksrXnofBHFWtntr2HEb6oU2xoLLx7n0TeMZmRQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdfa42bdb9a18-FRA
x-amz-cf-id: W0zhVi4l6QT8fUp9EpwfWY6FwS3txNVdRFWp3ucSVu0ADJWzc-MXmw==
expires: Thu, 10 Jan 2019 11:32:32 GMT

GET
H3 200 2021-06-08T111950Z_2_LYNXNPEH570HZ_RTROPTP_4_HEALTH-CORONAVIRUS-INDIA-VACCINE-2.jpg
cdn.thewire.in/wp-content/uploads/2021/06/08182129/ 151 KB
151 KB 5107ms
5107ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thewire.in/wp-content/uploads/2021/06/08182129/2021-06-08T111950Z_2_LYNXNPEH570HZ_RTROPTP_4_HEALTH-CORONAVIRUS-INDIA-VACCINE-2.jpg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1cadfc0d3c46286651ae90c2051a93ccbc3bb9e1758d5ce1c291e0f336d51f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 154308
last-modified: Tue, 08 Jun 2021 12:51:30 GMT
server: cloudflare
etag: "dedff577544e7d8e86b4d01ff81321b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIcuhoReAmGfRb0EZeIGWsl52lF1Nsz8M%2FDbR61lEKszgTqTujRXlbE%2B%2FXFGLfKji8rmVVOBmYfrfuCcZhaCheTHc6U42648Y%2FlboL%2FBL8JeJ3QBeu7BMoNTyT0ucsLx2Bn%2B0vjdm%2FCTjRu6yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 823bdfa42bdc9a18-FRA
x-amz-cf-id: Bsj6G8eW9mw8BMcO7sM79NoRL6UsmDHZA8_1yUWPriZI5OWhyn3LLA==
expires: Wed, 08 Jun 2022 12:51:29 GMT

GET
DATA 200
OK truncated
/ 234 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f155c532ca870ea4ce02210df732aba9d787dabe07f44e71f30a80b2fffaf31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
thewire.in/wp-json/thewire/v2/posts/detail/delhi-safdarjung-hospital-cyber-attack/ 4 KB
2 KB 6735ms
6735ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thewire.in/wp-json/thewire/v2/posts/detail/delhi-safdarjung-hospital-cyber-attack/?type=recommended&per_page=3

Requested by

Host: thewire.in
URL: https://thewire.in/public//app.main.deccd80a7fdd3a02a500.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3176dad4408f88d6e8f2fe3806132295be248e736ade0ce3e8004925124f2aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;multipart/form-data

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Origin
allow: GET
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgAJbua4ByjR6xP%2B9x7ZwHKRypn0kDtQEZjMDE3RIIv8HS7x9faKGQkuxMVKl74ABjJ29l1Budz3N3zRie7aB5rUzvDXxMzqevWb7Tqo2FxHadhD2%2BrLvUxem4BjZtYiBzhhPb5ARaER"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
link: <https://thewire.in/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
cf-ray: 823bdfa44bf09a18-FRA

GET
H2 200 load-cookies.html Show response
b2cdn.automatad.com/geo/amp_user_sync/ Frame F3F9 7 KB
4 KB 4372ms
158ms Document
text/html 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-1000 /
Resource Hash: c6871b85c46dbe6768b62845b6f6bfc1bb02351cd074732f7ded5bfceaedd458

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, max-age=43200
cdn-cache: HIT
cdn-cachedat: 05/23/2023 15:33:04
cdn-edgestorageid: 1002
cdn-proxyver: 1.03
cdn-pullzone: 87832
cdn-requestcountrycode: NL
cdn-requestid: 861a5d395c48a2c727a2321c75b09897
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 05:25:17 GMT
last-modified: Wed, 03 Aug 2022 08:28:20 GMT
server: BunnyCDN-LA1-1000
vary: Accept-Encoding
x-iplb-instance: 28795
x-iplb-request-id: B95D01F9:FEEB_8E2CE366:01BB_63D8EE5B_36AED9B0:D799
x-object-meta-mtime: 1659515253.288520914
x-openstack-request-id: tx694d5f3f89ec40f29f4d5-0063d8ee5b
x-timestamp: 1659515299.75866
x-trans-id: tx694d5f3f89ec40f29f4d5-0063d8ee5b

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 84ms
22ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/LGXtf7/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:31:03 GMT
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3250
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: E7UTEl8K1-DbaZ-VoVRcZpAVIesyzMLnLkhwBIXyHKtps_Vx1WZdgQ==

GET
H2 200 0cacadd5-7d2a-4f53-879f-72337dd1f3a2 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
802 B 66ms
19ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0cacadd5-7d2a-4f53-879f-72337dd1f3a2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 35e8c860bcf02fb86cfbb03cf8c1eaf1ff3b6ec54a5924ca9c8feee69872be5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:58:15 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1618
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: LvOBcgzAKQeZQotISEkUZoOWsM9i5T8mNTWMUvpzOk0iYAWY2CVepA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 21ms
20ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthewire.in&pubid=0cacadd5-7d2a-4f53-879f-72337dd1f3a2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 23:41:56 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 20596
x-cache: Hit from cloudfront
access-control-allow-origin: https://thewire.in
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Jln_2_2g1Ue3YeUVJem_tOBJz9-XdpQSYiM_7RyORVbK8R5tdY_qKw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
458 B 117ms
62ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&pid=ptkIQpxtUiluK&cb=0&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22fi-ash-1576524099-2501_29430_86739%22%2C%22s%22%3A%5B%22540x400%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_540x400_Articlepage_Last_two%22%7D%2C%7B%22sd%22%3A%22fi-ash-1656918262-8301_75462_64505%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_728x90_TOP%22%7D%2C%7B%22sd%22%3A%22fi-ash-1655445090-5371_49968_94081%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_300x250_INR%22%7D%2C%7B%22sd%22%3A%22fi-ash-1655445090-5371_31739_81191%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_300x250_INR%22%7D%2C%7B%22sd%22%3A%22fi-ash-1690202221-4311%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_728x90_Footer_Desktop%22%7D%5D&schain=1.0%2C1!automatad.com%2C2311914055616904%2C1%2C%2C%2C&pubid=0cacadd5-7d2a-4f53-879f-72337dd1f3a2&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 4M345YZ5SJB7DYXXT79H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thewire.in
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Wo1s7-VbeMGW-KreS-Dp_qyKl44Z2ZA3hS22hOfn7qcJcGs8jnUxKQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 59ms
20ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 05:14:46 GMT
x-amz-cf-pop: FRA56-P6
age: 628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: GoCzmixyLjP0yS-p3xCZZS-6V-zq1nLxTiBcGElbfR3cBcY6J9h5TQ==

GET
H2 200 NotToServe Show response
adgebra.co.in/AdServing/ 74 B
285 B 303ms
303ms Script
text/plain 35.207.221.200
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://adgebra.co.in/AdServing/NotToServe?p1=0&p2=0&p3=71&p4=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&p5=0&p6=2
Requested by: Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023111006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS: 200.221.207.35.bc.googleusercontent.com
Software: /
Resource Hash: 276a85f0c66ece83900c49b3dc860d5c98b61ac246abec409ce920fbf9179f9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 05:25:12 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
content-length: 74
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 22ms
22ms Fetch
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://thewire.in
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 112 KB
32 KB 28ms
28ms Script
application/javascript 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:37:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"653fe9e1-1bee3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Fri, 10 Nov 2023 06:25:13 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 15ms
15ms Stylesheet
text/css 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.603.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6062 756 KB
243 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 95574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 248265
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:52:19 GMT
expires: Fri, 08 Nov 2024 02:52:19 GMT
last-modified: Thu, 09 Nov 2023 02:42:06 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 444ms
72ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 05:25:13 GMT

GET
H2 200 Clip_119x34.png
cdn.adgebra.net/custom/generic/ 4 KB
5 KB 347ms
347ms Image
image/png 129.227.190.211
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adgebra.net/custom/generic/Clip_119x34.png
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.227.190.211 New Delhi, India, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Zen/2.7 /
Resource Hash: a86fc8e90237057b5966ead76f6a5477515da31b9ac0c9e4c732f7eabcd5e194

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
via: https/1.1 IN.DEL1.837.E.190.210 (Cache-6.1.14)
age: 666104
x-guploader-uploadid: ABPtcPp6j3Zqnm206XzDn8-eAL5e344vyQTpNdinxi-MpPHZY-gZyLBEQRg7SrQ6OhAbHmkv9Fo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cache-server: ZenCache
x-goog-stored-content-encoding: identity
content-length: 4478
hittype: TCP_MEM_HIT
last-modified: Thu, 27 Jul 2023 09:38:04 GMT
server: Zen/2.7
etag: "0263d5ad8977124252e426a0dfc56ffa"
x-goog-generation: 1690450684253658
content-type: image/png
x-goog-hash: crc32c=I7Hniw==, md5=AmPVrYl3EkJS5Cag38Vv+g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4478
accept-ranges: bytes
expires: Thu, 02 Nov 2023 13:23:28 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/canary/ Frame 6940 40 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 04:17:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 10 Nov 2023 06:10:19 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 23ms
22ms Image
text/xml 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=zjDqorZg82lVKG4wiUUuKzakPK3xsyS334vYWu%2FeERIOyONSUdBf4lrkzYQt128LPkGjYsd6TOm%2F4L26SgYIs5ipOOoNohRSUbsMQzAnLgq5KNUWRc%2Bx932CPnzi10xfAn41nCPS4neYeH22VU%2FOIUegcClC%2BqZcglDt8S5vIMz0r%2BudmKyXtkds8IR6VU0s4rwBm9%2BHvlFpolQMNi8cTe115Z5kX1tuYQ6TKLw1CURUaq8aKigr0rbYLvgmzRPoea907o1PO%2BXgxBLiJzCC6EG%2F1xNchI5FTq%2FI2dCYk4KzPCO%2F1mD2PQFpfa69pa2q9k0ueTggynM%2BnMd013hqShasZRL8ySjuyjac5O5qpIm1vsr2J05wWnDzskykZZSS6%2B4UR99HquifQkHHjh2R0Et2Z%2Bxa44VoPBLD3GvOw9Gow2Fv79MfWeKmU7jyMRHicC%2BSCbthKaXHTkLblAnBkcbE5N0s%2F1zXxRlLzeGVvjZ1ESU%2Fxift%2B6nyanYfEgUULObX2wK2nYILQsNgwJ9rkmYbZ5Dxtbln%2BzjovFMIHKyOxiYaOnLa4WnYT6vkJltk7x06QIUc8iBD5pOuFRe%2FMJGLqWhpc6sNRBEsyWZNJvc%3D
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 80 KB
0 49ms
13ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 10 Nov 2023 05:25:13 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16406091/16406092
Connection: keep-alive
Content-Length: 16406092

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewire.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 39968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:19:05 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 14ms
13ms Image
image/svg+xml 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 8 KB
0 41ms
14ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 10 Nov 2023 05:25:13 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16406091/16406092
Connection: keep-alive
Content-Length: 16406092

GET
H2 200 bridge3.603.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A26A 756 KB
243 KB 1884ms
1883ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 95574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 248265
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:52:19 GMT
expires: Fri, 08 Nov 2024 02:52:19 GMT
last-modified: Thu, 09 Nov 2023 02:42:06 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1267 40 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 10 Nov 2023 06:12:43 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 214 KB
214 KB 39ms
14ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bb3daa4de2ab7e57d626105b1a389f6b41d10faaa2c3be795ab171b9306c5069

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=16187392-

Response headers

Date: Fri, 10 Nov 2023 05:25:13 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16187392-16406091/16406092
Connection: keep-alive
Content-Length: 218700

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 36 KB
0 15ms
15ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=65536-

Response headers

Date: Fri, 10 Nov 2023 05:25:13 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 65536-16406091/16406092
Connection: keep-alive
Content-Length: 16340556

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 35ms
34ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.05675073300617

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BOq36QoYAlLSofIGvjohwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-BOq36QoYAlLSofIGvjohwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 43ms
43ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.739511502583654

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gdwCpbIB8hh0lch1l0BAzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-gdwCpbIB8hh0lch1l0BAzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 121ms
34ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ezpo5GyivNQYBW-WXA8prA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ezpo5GyivNQYBW-WXA8prA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thewire.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-65DW8NFTWS&gtm=45je3b81v870102618&_p=1699593908378&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1227439951.1699593909&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699593908&sct=1&seg=0&dl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=After%20AIIMS%2C%20Delhi%27s%20Safdarjung%20Hospital%20Reports%20Being%20Hit%20by%20a%20Cyber%20Attack%20in%20November&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6935
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65DW8NFTWS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewire.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adcontainer Show response
fundingchoicesmessages.google.com/f/AGSKWxX5CgEZPVxYQEa1UavsdexRMHSOkEoh1VAfjO7c1dLVpjgT_8YEuR8TvdfB1yKF3QiaswWFLh1_IXdmFIcYUi-LIsgWvhozYdXaRpLO9SCw3Pxzu9pP-u98AfQiLuDGFS7r1KFM8n-1cs8jBWrHkI3NoLHdy... 54 B
109 B 36ms
36ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX5CgEZPVxYQEa1UavsdexRMHSOkEoh1VAfjO7c1dLVpjgT_8YEuR8TvdfB1yKF3QiaswWFLh1_IXdmFIcYUi-LIsgWvhozYdXaRpLO9SCw3Pxzu9pP-u98AfQiLuDGFS7r1KFM8n-1cs8jBWrHkI3NoLHdy7jDtQ9FRha6rCO9vmHLxIL_fpzm9KNF/_/adcontainer?-468x60px-/ad3./adsManagerV2./ad16.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.QmftomkHujg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyH1gmavfTZeYOtTjrh1PT2IKQr0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40cdb6667cdeded049f044e8d0b19d69172ee4690dbcf79a16058792ff26b8a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rs1gxUKO6ry-Xs65zviljA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rs1gxUKO6ry-Xs65zviljA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ef806f90677b871606b848e1be59005b7000838cdeb37b2b43095fb1d747641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52910
x-xss-protection: 0
server: cafe
etag: 18053763874169237369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 05:25:14 GMT

POST
H3 204 AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qAKq60nYrUsHWkHkj2U9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-qAKq60nYrUsHWkHkj2U9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thewire.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 255ms
255ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7OLPJfewzLh77j4HDe4Uag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-7OLPJfewzLh77j4HDe4Uag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thewire.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 192ms
192ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-laQNAiUkz-na6EZgK-Smgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-laQNAiUkz-na6EZgK-Smgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://thewire.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 191ms
191ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW4EsK78gBnvMOTHlJlCXqZnKnnWUJv4h5wzRE60unkwbx1TEm4nwje9B7gYBxjwCDkONe8I-2x75JrJeWTI5XXIRpdRFlPlm5f86VeEvLvEiVocbqYHoYmKZDiKEvHHGDooVoKZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1AkL2xYS72xthEyFtn8zmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-1AkL2xYS72xthEyFtn8zmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://thewire.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUkQAaNxDRZaujtrScWre1ItjfAPtA6PbEiLJIL-HA9AqQiperP3OI4_xKzlHZRmH1hLFGMKNYhLggLXxiRgDINYWSi3Q1UduB6aFP9sQPcE_i70_F_LrlgpPiT-U4dOT5Oq6p22g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 106ms
105ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUkQAaNxDRZaujtrScWre1ItjfAPtA6PbEiLJIL-HA9AqQiperP3OI4_xKzlHZRmH1hLFGMKNYhLggLXxiRgDINYWSi3Q1UduB6aFP9sQPcE_i70_F_LrlgpPiT-U4dOT5Oq6p22g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5NTkzOTE0LDY3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90aGV3aXJlLmluL2hlYWx0aC9kZWxoaS1zYWZkYXJqdW5nLWhvc3BpdGFsLWN5YmVyLWF0dGFjayIsbnVsbCxbWzgsIlFtZnRvbWtIdWpnIl0sWzksIm5sIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ee23904cba5e5a82ab081497a1c153af2d7363aabd374fe64484ba1708955fb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kOFy_uDV7ixixTlZ4Gdc1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kOFy_uDV7ixixTlZ4Gdc1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkjzlEVIKMzpojFTCu5XV21swCxooIyzvKbwahbsIZ5hlerCDlCe4smcipDEAaqwcER-F_eVa5FqzABH1Zro-ksq5lYiLVclLjVyIjM28M0twpThpdfp_gzKFeYrn-V6v4GFI_LA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
33ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkjzlEVIKMzpojFTCu5XV21swCxooIyzvKbwahbsIZ5hlerCDlCe4smcipDEAaqwcER-F_eVa5FqzABH1Zro-ksq5lYiLVclLjVyIjM28M0twpThpdfp_gzKFeYrn-V6v4GFI_LA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZHcQMMwLsZMd9lAjvu3sJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZHcQMMwLsZMd9lAjvu3sJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://thewire.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 789ms
730ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:15 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 06 Nov 2023 14:13:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 312996
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AGctoPG7iodULcIn3Dai6mWgiunYlKYaLxwVSgmGiVkb8DGx%2FGG%2BZhZzHeaOhXLbJWV1GurugpPxf7uPPjlnmHDvSK3glgp%2BBY4OiiO4ofLF0BGE7epiNpmGwaT5o%2BD9rnnAKwStGENH0wC"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 823bdfb1ed248fc5-FRA

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 709 B
677 B 294ms
210ms XHR
application/json 54.76.48.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&PageUrl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&PageReferrer=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&CanonicalUrl=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.48.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-48-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9b1640e8a9d6efdefc03f6a0f5aa28438e95152c4621d98fa2ecdb30257584ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:15 GMT
via: kong/2.8.4
x-content-type-options: nosniff
content-encoding: gzip
x-kong-proxy-latency: 0
x-kong-upstream-latency: 179
pragma: no-cache
access-control-max-age: 3600
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://thewire.in
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 69ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:14 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 27 KB
8 KB 268ms
218ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b77b6b1c82035a429699461941971a991d3b10f44389da5f88d8fa623a3718a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: gzip
an-x-request-uuid: 9860ae48-b55b-49cc-acb3-aa1a2c8b6cc0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thewire.in
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.131; 95.211.199.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
496 B 86ms
49ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.52.0
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 9c016209709be03a701f72213727dbcebf530f82ba4ed860908c4adb80861ec7

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Nov 2023 05:25:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://thewire.in
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
552 B 183ms
83ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
552 B 186ms
86ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
552 B 180ms
81ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
552 B 188ms
89ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 23ms
23ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://thewire.in
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 adreq Show response
ads.servenobid.com/ 693 B
672 B 100ms
31ms XHR
application/json 52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5281
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: be9ac5334c942b3faa67a8aed6530b2df9fd1881da01981edafe1c3cb61cad02

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://thewire.in
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 77ms
40ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKH8M64
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: a770092b89874fd0140243763957f3f98eeeedc29fd6eb7b52c08afb2d04df0e

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:14 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://thewire.in
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 05:25:15 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
377 B 148ms
70ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://thewire.in
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 10 Nov 2023 05:25:15 GMT

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
448 B 120ms
35ms XHR
application/json 99.81.57.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.57.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-57-59.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 54f63db68a68d6d618fb5113ceb6d555b6956ee256cce877c8fa728e1310bef6

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:15 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://thewire.in
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 183ms
85ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?attrep=f&attua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&atthead=t&attinj=t&attexp=none&lid=169&sdkv=h.3.603.0&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 173ms
87ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.603.0&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 169ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 165ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=thirdparty&ctv=0&lid=6&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 158ms
81ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.932724306524664&time=1699593915359&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 149ms
79ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915365&timeout=f&logid=0.932724306524664&timediff=6&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 142ms
72ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ojldgFVQlo4P%2FmknyZ0L1Lr8Zfhs%2BSvGZITsMJHXYz17oHj%2BId4r5yCCeEva99PSBNQ8zNs7W4r13TdMGiGrsLFZvCIGn1Ss%2FtMWP8ZAtLZkKw44NYpBoFDJxrqhx%2Ff4xlGm2FsaZ3ypRemTIoEhVJp4NSbjidUMPlb01lGJpD9fq5WETPyHr%2Bd6Y... Show response
ad.vidverto.io/delivery/video/pod/ Frame 6062 32 KB
14 KB 44ms
43ms XHR
text/xml 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/ojldgFVQlo4P%2FmknyZ0L1Lr8Zfhs%2BSvGZITsMJHXYz17oHj%2BId4r5yCCeEva99PSBNQ8zNs7W4r13TdMGiGrsLFZvCIGn1Ss%2FtMWP8ZAtLZkKw44NYpBoFDJxrqhx%2Ff4xlGm2FsaZ3ypRemTIoEhVJp4NSbjidUMPlb01lGJpD9fq5WETPyHr%2Bd6Ye5gUTy2jAoVDcO4evG6Aw7ypPuNY%2FTC2SiVlPW%2F3zxyNUxIbqg4uRslmRQtK5I43%2BYifbL28PsHaC1e0oP%2FOIHSXdeoRKTvCzfQGdKpAwLsFNU0tBqmWpZh%2F0vApVkwzf1Dpi5CpRLDO0lL8KMexgH%2F4EF9Ou8Lenj0WTKnHwpvbWN8RMhhIxJAglGaY4FGhk8fXpUXB8ExFYioNBvUt6u2IdljIbV8DQsPhqKTitWwuWQhQ8Ed%2BrcM9H2ThTAZyg1%2BZPuVdNOQ%2B8xI8jEAGUD8RDliBVQ4yuOfHFjqkiXoMMY5RghV91pNLticGLoGOYl1TMYsnBzmeGus%2Fe3b4wKENOObM7F8xhRfL9hQv34yYURjaf4e1BNBtAnTD0okhVgPTGyK6l4CEBdN%2B3sr9gy4fBII5bYehABa%2FflJJV0%2FNotVqDYLnSlwtM7WYskNzy74za3P?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5d60c3f9c6e11e3f776f7adc30afba922f18ffa4d4293f46c349ffa0ddb4da59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame 6062 0
225 B 2037ms
281ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~los6c248&c=532339527080&slotId=266169763540&eee=missing-element&bi=missing-id&faa=1&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 98ms
81ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 97ms
79ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 103ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.22818521344053289&time=1699593915420&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 103ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.9346831880567736&time=1699593915420&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 103ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.8577609130796842&time=1699593915420&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 97ms
81ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.9806865229602577&time=1699593915420&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 98ms
82ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.4926484071299433&time=1699593915420&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 88ms
85ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915432&timeout=f&logid=0.22818521344053289&timediff=12&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 89ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 89ms
87ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 6062 156 B
489 B 660ms
274ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22802248553%2Fivm_video%2Fivm_thewire.in_video&description_url=http%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890929918554765&cust_params=mt_fln%3D4&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3639960262&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=80DC09EF-DA91-4426-A7C2-F8DFEBAD01ED&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593915434&cookie_enabled=1&scor=4282693898353133&ged=ve4_td7_tt1_pd7_la7000_er1837.501.1862.1221_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915438&timeout=f&logid=0.9346831880567736&timediff=18&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 86ms
85ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6062 156 B
903 B 602ms
217ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22802248553%2Fthewire.in%2Fvast_2.5&description_url=https%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890929918554765&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3639960262&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=80DC09EF-DA91-4426-A7C2-F8DFEBAD01ED&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593915438&cookie_enabled=1&scor=4282693898353133&ged=ve4_td7_tt1_pd7_la7000_er1837.501.1862.1221_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915440&timeout=f&logid=0.8577609130796842&timediff=20&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 6062 156 B
456 B 656ms
274ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22802248553%2Fmt_video_NPR%2Fmt_thewire.in_video&description_url=http%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890929918554765&cust_params=mt_fln%3D2.5&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3639960262&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=80DC09EF-DA91-4426-A7C2-F8DFEBAD01ED&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593915440&cookie_enabled=1&scor=4282693898353133&ged=ve4_td7_tt1_pd7_la7000_er1837.501.1862.1221_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 136ms
136ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915443&timeout=f&logid=0.9806865229602577&timediff=23&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 107ms
107ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6062 156 B
416 B 607ms
228ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22802248553%2Fthewire.in_video_preroll&description_url=https%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890929918554765&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3639960262&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=80DC09EF-DA91-4426-A7C2-F8DFEBAD01ED&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593915443&cookie_enabled=1&scor=4282693898353133&ged=ve4_td7_tt1_pd7_la7000_er1837.501.1862.1221_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 132ms
132ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1699593915446&timeout=f&logid=0.4926484071299433&timediff=26&lid=43&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 112ms
112ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 132ms
132ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 6062 156 B
455 B 900ms
525ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22802248553%2Fivm_video%2Fivm_thewire.in_video&description_url=http%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890929918554765&cust_params=mt_fln%3D1.5&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3639960262&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=80DC09EF-DA91-4426-A7C2-F8DFEBAD01ED&nel=0&eid=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593915447&cookie_enabled=1&scor=4282693898353133&ged=ve4_td7_tt1_pd7_la7000_er1837.501.1862.1221_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
408 B 477ms
477ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346626498519&correlator=669808984486603&eid=31079378%2C31079530%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&gdpr=0&iu_parts=22631205490%2CATD_TheWire%2CATD_540x400_Articlepage_Last_two%2CATD_728x90_TOP%2CATD_300x250_INR%2CATD_728x90_Footer_Desktop&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F4%2C0%2F1%2F5&prev_iu_szs=540x400%2C728x90%2C300x250%2C300x250%2C728x90&ifi=2&didk=653429121~805483633~1611341043~3722847499~900825881&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699593915463&lmt=1699593915&adxs=591%2C497%2C711%2C711%2C1236&adys=2455%2C1108%2C1899%2C2944%2C1220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&vis=1&psz=759x400%7C759x90%7C759x250%7C759x250%7C1600x-1&msz=540x-1%7C728x-1%7C300x-1%7C300x-1%7C728x-1&fws=4%2C4%2C4%2C4%2C516&ohw=540%2C728%2C300%2C300%2C728&ga_vid=1227439951.1699593909&ga_sid=1699593912&ga_hid=10435213&ga_fc=true&dlt=1699593908286&idt=3476&prev_scp=mod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D53e81c2c128282a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D53e81c2c128282a%26hb_bidder%3Dappnexus%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D5435e1034e20acc%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D5435e1034e20acc%26hb_bidder%3Dappnexus%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2&adks=3401788844%2C1258937975%2C2829772745%2C2778387277%2C3244350945&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b37216d11defe0179e79ba3ea02aaeddda4c0172a3ced113bd0a785134daa6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 376
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thewire.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D6F 6 KB
3 KB 406ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:25:15 GMT
expires: Sat, 09 Nov 2024 05:25:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 86D4 869 B
659 B 204ms
137ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1a443d1271240dc9bcc435b03f5b341749bc6792

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fthewire.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 119
date: Fri, 10 Nov 2023 05:25:15 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 10 Nov 2023 05:25:15 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 4023016ba5c9de98
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 607c8497b67b86b489560e0a997bb86a9eb9380ed41f212a29e03388e02f074f
content-length: 337

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 130 KB
46 KB 522ms
26ms Script
application/javascript 104.18.23.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ceeeed3b9329b221b249e77a7294fb15e629b9a9642e00021ee2873b4129127

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2023 22:45:34 GMT
server: cloudflare
age: 0
etag: W/"ea91b745fb7fcd8277eabdedd83b40c582981422"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 823bdfb9997d91fc-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 77 KB
24 KB 379ms
29ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:16 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 169368
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Nov 2023 14:13:08 GMT
Server: cloudflare
ETag: W/"ccc354615ffb5b4afd96268bab4a6502"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkrUhjr3oHSDpiz%2FPsLS9Uvsi3LhN7FyzIFFCP1f2mINKbJAcgZJqyLFzaKL%2FIA4n9VOhY6cVTbzvalJxBKtPou4ChvGfqoo70dMie22%2BGRxIys9AEQfW6Zl%2BpLwxIbI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 823bdfb8bd492bde-FRA

POST
H2 204 csi
csi.gstatic.com/ Frame 6062 0
54 B 1400ms
281ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~los6c26w&c=532339527080&slotId=266169763540&ghmsh_eids=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&fas=1&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=303&lid=176&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 6062 42 B
175 B 44ms
15ms Fetch
image/gif 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 6062 42 B
174 B 37ms
16ms Fetch
image/gif 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 323ms
323ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 6062 42 B
174 B 26ms
26ms Fetch
image/gif 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 204 /
onetag-sys.com/usync/ Frame 18BD 0
0 30ms
28ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1699593913324

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
53ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 6062 42 B
174 B 13ms
13ms Fetch
image/gif 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 6062 42 B
174 B 13ms
12ms Fetch
image/gif 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 bridge3.603.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C250 756 KB
243 KB 22ms
20ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 95577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 248265
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 02:52:19 GMT
expires: Fri, 08 Nov 2024 02:52:19 GMT
last-modified: Thu, 09 Nov 2023 02:42:06 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 96B2 40 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 10 Nov 2023 06:12:43 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 8 KB
0 39ms
13ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 10 Nov 2023 05:25:16 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-16406091/16406092
Connection: keep-alive
Content-Length: 16406092

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 140ms
98ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thewire.in
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 10 Nov 2023 05:25:16 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 100ms
99ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C250 156 B
186 B 241ms
240ms XHR
text/xml 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22802248553%2Fthewire.in%2Fvast_0.8&description_url=https%3A%2F%2Fthewire.in&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=118120676967166&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&gdpr=0&sdki=445&ptt=20&adk=3986495603&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F6NpOYze4e035oWEbRYFoCQ%3A1699597512%2F1169%2Fvideo%2F1961%2F480_650.mp4&sid=6D4A2749-BEAA-440E-99B8-D8534D122422&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803784&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&dt=1699593916970&cookie=ID%3Dee65be6e95f22029%3AT%3D1699593915%3ART%3D1699593915%3AS%3DALNI_MY0SS4KOa1Y4dVg98I7aXDtN8JX-A&gpic=UID%3D00000cbf5edcbd77%3AT%3D1699593915%3ART%3D1699593915%3AS%3DALNI_Mb-JpQugZDCxNPaM6wM4hV01t4IBA&scor=2269262394058766&ged=ve4_td9_tt3_pd9_la9000_er1772.501.1797.1221_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 64ms
64ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&pid=ptkIQpxtUiluK&cb=1&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22fi-ash-1684499158-7071_79540_45807%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_320x50_FTR_LHS%22%7D%2C%7B%22sd%22%3A%22fi-ash-1684499164-8731_59548_94822%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%2222631205490%2FATD_TheWire%2FATD_320x50_FTR_RHS%22%7D%5D&schain=1.0%2C1!automatad.com%2C2311914055616904%2C1%2C%2C%2C&pubid=0cacadd5-7d2a-4f53-879f-72337dd1f3a2&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:17 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: KQCZV4JRS5V44G92HFD3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thewire.in
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1OY92Qbjto6nt0-SByadBnpLuKz4tLjT5sXf8ooDGMTqFh0o2_8UKg==

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
552 B 81ms
81ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 171 B
557 B 138ms
138ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://thewire.in
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 22ms
21ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://thewire.in
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
53 B 17ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
447 B 34ms
33ms XHR
application/json 99.81.57.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.57.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-57-59.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8365cb403aa38d2a52375b85215646f9c4460d1a39945ae9eca91bb355407edf

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:17 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://thewire.in
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
173 B 530ms
175ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thewire.in
date: Fri, 10 Nov 2023 05:25:17 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
377 B 193ms
193ms XHR
application/json 23.52.123.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://thewire.in
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 10 Nov 2023 05:25:17 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 228ms
228ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

94336ec9a728c40889c2d010d0361b52075b29bf9ce2a5b07961f43f594e0a31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
content-encoding: gzip
an-x-request-uuid: 15e28741-61f6-4951-abac-5d50d493d406
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thewire.in
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.131; 95.211.199.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 693 B
674 B 121ms
121ms XHR
application/json 52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10223
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1b6c06cde31bc24b8db92fc241fcdd0797d5da90b11f14be52ce588244b5f643

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Nov 2023 05:25:17 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://thewire.in
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
496 B 26ms
26ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.52.0
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 34f37587228ac4775545cfedb5562115acc03a0a265e642b7f664b94b1b2a92b

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Nov 2023 05:25:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://thewire.in
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 34ms
33ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKH8M64
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: cbff9ddbc592bc33112c8e134ab7c4964007e8e7956ee23bce18156e7d0b65d0

Request headers

Referer: https://thewire.in/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:16 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://thewire.in
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 05:25:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C250 0
45 B 282ms
281ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~los6c3cy&c=532339527080&slotId=266169763540&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/ 3 MB
0 39ms
13ms Media
video/mp4 212.8.250.43
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/6NpOYze4e035oWEbRYFoCQ:1699597512/1169/video/1961/480_650.mp4
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.43 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://thewire.in/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=98304-

Response headers

Date: Fri, 10 Nov 2023 05:25:17 GMT
Last-Modified: Thu, 02 Sep 2021 16:25:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fb12-fa564c"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 98304-16406091/16406092
Connection: keep-alive
Content-Length: 16307788

POST
H2 200 cookie_sync Show response
us-east-pbs.automatad.com/ Frame F3F9 3 KB
3 KB 468ms
156ms XHR
application/json 143.244.213.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-east-pbs.automatad.com/cookie_sync

Requested by

Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.213.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ada4a16db198a98bf1975d30e625b26ed73146c017e8e0c8366d18be8284a416

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://b2cdn.automatad.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://b2cdn.automatad.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 794 B
186 B 445ms
444ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346626498519&correlator=1259648820475977&eid=31079378%2C31079530%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&gdpr=0&iu_parts=22631205490%2CATD_TheWire%2CATD_320x50_FTR_LHS%2CATD_320x50_FTR_RHS&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3&prev_iu_szs=320x50%2C320x50&ifi=7&didk=1328059409~1224639492&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dee65be6e95f22029%3AT%3D1699593915%3ART%3D1699593915%3AS%3DALNI_MY0SS4KOa1Y4dVg98I7aXDtN8JX-A&gpic=UID%3D00000cbf5edcbd77%3AT%3D1699593915%3ART%3D1699593915%3AS%3DALNI_Mb-JpQugZDCxNPaM6wM4hV01t4IBA&abxe=1&dt=1699593917604&lmt=1699593917&adxs=0%2C1280&adys=1150%2C1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthewire.in%2Fhealth%2Fdelhi-safdarjung-hospital-cyber-attack&vis=1&psz=320x-1%7C320x-1&msz=320x-1%7C320x-1&fws=516%2C516&ohw=320%2C320&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1227439951.1699593909&ga_sid=1699593912&ga_hid=10435213&ga_fc=true&dlt=1699593908286&idt=3476&prev_scp=mod%3Dfi%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D320x50%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D8885b1624226da2%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D320x50%26hb_pb%3D0.00%26hb_adid%3D8885b1624226da2%26hb_bidder%3Dappnexus%7Cmod%3Dfi%26amznbid%3D2%26amznp%3D2&adks=1748560853%2C2534276138&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

460c6f30a9fa58183c40a005ac5abbac58f1eccea1962636c60cb092def93de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thewire.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 123E 15 KB
6 KB 76ms
20ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://b2cdn.automatad.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159357
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 05:25:17 GMT
expires: Sun, 12 Nov 2023 01:41:14 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame F3F9
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25
https://us-east-pbs.automatad.com//setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205
https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205

86 B
485 B

132ms
131ms

Image
image/png

143.244.213.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Server

143.244.213.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
content-length: 86
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=pulsepoint&gdpr=0&gdpr_consent=&uid=UJznYfwj1SRX&ev=1&pid=561205
cache-control: no-cache, no-store, must-revalidate
content-length: 134
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 123E 0
42 B 67ms
14ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96351763&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:16 GMT
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C250 0
45 B 1084ms
1084ms Ping
image/gif 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~los6c3kx&c=532339527080&slotId=266169763540&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803784
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame F3F9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

86 B
569 B

160ms
160ms

Image
image/png

143.244.213.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Server

143.244.213.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
content-length: 86
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841
cache-control: no-cache, no-store, must-revalidate
content-length: 112
expires: 0

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 96A8 9 KB
4 KB 117ms
21ms Document
text/html 13.32.27.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72619
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 09 Nov 2023 09:15:00 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: k9jmzHCHVA_D6Zofo0y853vCYVuNYkTgf9EmTPnbFsdj9lmYYfkQ3Q==
x-amz-cf-pop: FRA56-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 52E4 0
0 14ms
14ms Document
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13404110
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 10 Nov 2023 05:25:18 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 19F3 52 KB
17 KB 75ms
13ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 84925
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 10 Nov 2023 05:25:18 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 334, 469990
X-Served-By: cache-lga13626-LGA, cache-ams21082-AMS
X-Timer: S1699593919.509966,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7AE6 15 KB
6 KB 21ms
21ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160148
Requested by: Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159356
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: Sun, 12 Nov 2023 01:41:14 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 0D77 0
0 23ms
23ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1699593915159

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame ECA9 23 KB
8 KB 96ms
33ms Document
text/html 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKH8M64&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_LGXtf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9081b6ff0373627eb70fbbe759b1bd862710ae63b1d8fb8ed9b7306cbc73ac63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8442
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: Sun, 12 Nov 2023 05:25:18 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 19F3 0
597 B 19ms
19ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
an-x-request-uuid: d19a8155-45f0-4bd3-8c55-260243a94358
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 70A8 3 KB
1 KB 108ms
30ms Document
text/html 34.250.149.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.149.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-149-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ca31249c43b8f20f6dccf4c051b435db33fa022ffd90219d42bd6bfae7867ff

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 10 Nov 2023 05:25:18 GMT
etag: W/"01e8511b9bd9dfc4d352d9a319cbfd128"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame BE07 0
0 22ms
22ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 404C 845 B
1 KB 129ms
23ms Document
text/html 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 888819a6f34e6e6cc36c1da11445ebad3e2f12afb1dcfe47f9070bf1f173430a

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 845
content-type: text/html
date: Fri, 10 Nov 2023 05:25:17 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8ABE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
786 B

39ms
39ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4416891b6143d4b1b8d95ba6a1394fc3ad2fc82c13d6ac2ccb713d1d5fc2c50

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 823bdfc7abd2036e-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZXGLJyaJWRQureeYmO39v2VOODiHEf4Eluzwx3E0N6v5ZMNIX4AYfl1yh01tDDwpiP14j01UMwZJ74rmSQ5RDpH%2BDs5kPbax8AgtdVsoYOClRr8T1yW2DADzpNE5RKReNr1hRB1LVy3RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 823bdfc77b93036e-FRA
content-length: 0
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkHZYgHNn8YW%2Fc7AeaPw310G7axdcxLcr9Ll7effr9adIA8AVZsFU3f24s6xqokl4Pyx6D0w%2B%2BqdYxHFhC38rafqrZc3ybP01ba%2BpUOymaOEVT1xtoZvjlOBSoQwzKTSupOAMJmnBz0mNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7F34
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

81ms
19ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 05:25:18 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 05:25:18 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D0A7 15 KB
6 KB 20ms
20ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159356
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: Sun, 12 Nov 2023 01:41:14 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame F547 0
526 B 710ms
329ms Document
text/html 2600:9000:223f:5c00:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 05:25:19 GMT
server: istio-envoy
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: tYNhWYV3d46D6jTitZcwrZxklVoCsS71mfoF6Refc1WRCu4w0qqwBw==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame ACB9 0
160 B 48ms
13ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 10 Nov 2023 05:25:18 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 3822 0
370 B 319ms
104ms Document
text/html 18.205.170.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.205.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-170-196.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 05:25:18 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=2756809943040819841

0
344 B

31ms
30ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=2756809943040819841
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
an-x-request-uuid: 8aae9d09-d313-4b21-bbc7-4367aeabb2a3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=2756809943040819841
x-proxy-origin: 95.211.199.131; 95.211.199.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HoZlqRZHOYZCpIGWTJWHiu2a

0
351 B

31ms
30ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HoZlqRZHOYZCpIGWTJWHiu2a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HoZlqRZHOYZCpIGWTJWHiu2a
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 96A8 0
277 B 18ms
14ms Image
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Nov 2023 05:25:18 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699593918623
https://ad.turn.com/r/cs?pid=45&rndcb=8693264525
https://sync.1rx.io/usersync/turn/8324606202955567102?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-47322927-19ca-4ba6-b630-a85f1b189122-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-47322927-19ca-4ba6-b630-a85f1b189122-003
https://ads.servenobid.com/sync?pid=321&uid=RX-47322927-19ca-4ba6-b630-a85f1b189122-003

0
361 B

32ms
32ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-47322927-19ca-4ba6-b630-a85f1b189122-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-47322927-19ca-4ba6-b630-a85f1b189122-003
date: Fri, 10 Nov 2023 05:25:18 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4732292719ca4ba6b630a85f1b189122003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5124322329459643486

0
344 B

2084ms
2083ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5124322329459643486
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:20 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5124322329459643486
Date: Fri, 10 Nov 2023 05:25:18 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usa
sync.go.sonobi.com/ Frame 96A8 0
401 B 333ms
106ms Image
text/plain 69.166.1.66
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-189
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

32ms
32ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Fri, 10 Nov 2023 05:25:18 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame 96A8 0
15 B 69ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-a008e0b2-77c4-37c0-9e50-fd98588a465e

0
358 B

34ms
33ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-a008e0b2-77c4-37c0-9e50-fd98588a465e
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-a008e0b2-77c4-37c0-9e50-fd98588a465e
pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame 96A8 0
125 B 68ms
22ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 96A8 0
35 B 70ms
19ms Image
text/plain 3.120.44.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.44.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-44-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 96A8
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

34ms
33ms

Image
image/avif

52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 10 Nov 2023 05:25:18 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 05:25:18 GMT

GET
H2

200

setuid
us-east-pbs.automatad.com/ Frame F3F9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fus-east-pbs.automatad.com%2F%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://us-east-pbs.automatad.com//setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841
https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

86 B
575 B

147ms
146ms

Image
image/png

143.244.213.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-east-pbs.automatad.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841

Requested by

Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack

Protocol

Server

143.244.213.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://b2cdn.automatad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
content-length: 86
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-type: text/html; charset=utf-8
location: /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2756809943040819841
cache-control: no-cache, no-store, must-revalidate
content-length: 112
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2756809943040819841

35 B
250 B

98ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2756809943040819841
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
an-x-request-uuid: aeaaee69-0a85-436a-8c72-06dcec03c193
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=2756809943040819841
x-proxy-origin: 95.211.199.131; 95.211.199.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&gdpr=0&gdpr_consent=&us_privacy=1---
https://usersync.gumgum.com/usersync?b=bsw&i=97119c1f-f6c5-45c2-847d-5a3195db1e04&gdpr=0&gdpr_consent=&us_privacy=1---

35 B
250 B

101ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=97119c1f-f6c5-45c2-847d-5a3195db1e04&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=97119c1f-f6c5-45c2-847d-5a3195db1e04&gdpr=0&gdpr_consent=&us_privacy=1---
date: Fri, 10 Nov 2023 05:25:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=dffef7b9-888a-406f-b164-7dd6ad3ed36b

35 B
250 B

57ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=dffef7b9-888a-406f-b164-7dd6ad3ed36b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 10 Nov 2023 05:25:18 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=dffef7b9-888a-406f-b164-7dd6ad3ed36b
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c$ip$95.211.199.131

35 B
250 B

30ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c$ip$95.211.199.131
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c$ip$95.211.199.131
Date: Fri, 10 Nov 2023 05:25:19 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 70A8 43 B
425 B 459ms
55ms Image
image/gif 2a05:d018:d29:3601:4c00:85ae:82c6:552b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:4c00:85ae:82c6:552b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=f9045b76-c89c-433b-8eba-abcf86bd70bd

35 B
250 B

29ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=f9045b76-c89c-433b-8eba-abcf86bd70bd
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=f9045b76-c89c-433b-8eba-abcf86bd70bd
Date: Fri, 10 Nov 2023 05:25:19 GMT
Connection: keep-alive
X-CI-RTID: 7598e5ab-e549-4837-b0d5-bb893c0ce737
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 70A8 0
44 B 310ms
98ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=XnJZF1dsCyRk6cMksuh8&gdpr=0&us_privacy=1---

35 B
250 B

29ms
28ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=XnJZF1dsCyRk6cMksuh8&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=XnJZF1dsCyRk6cMksuh8&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=bGq9jg7ic2En&ev=1&pid=558355

35 B
250 B

105ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=bGq9jg7ic2En&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: nl-NL
location: https://usersync.gumgum.com/usersync?b=pln&i=bGq9jg7ic2En&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-bxvnp
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 70A8
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=739854086290466249

35 B
250 B

111ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=739854086290466249
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=739854086290466249
date: Fri, 10 Nov 2023 05:25:18 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 70A8 0
358 B 34ms
30ms Image
image/avif 52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 64C7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=4082930082235494054&gdpr=0&gdpr_consent=

35 B
208 B

51ms
34ms

Document
image/gif

34.250.149.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=4082930082235494054&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.149.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-149-102.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=4082930082235494054&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 1A73 170 B
243 B 105ms
29ms Document
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83OWVmZDZlNS1lNzZkLTRiYjMtYWM1ZS0wMTMxZGM2YjVkY2E=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9A25 15 KB
6 KB 21ms
20ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=159356
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 10 Nov 2023 05:25:18 GMT
expires: Sun, 12 Nov 2023 01:41:14 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame DFBC 70 B
149 B 111ms
37ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 10 Nov 2023 05:25:18 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C19E
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZU2.v8Co8X8AAE6WlywAAAAA

35 B
250 B

29ms
29ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZU2.v8Co8X8AAE6WlywAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 10 Nov 2023 05:25:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Nov 2023 05:25:19 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZU2.v8Co8X8AAE6WlywAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad105.dc4p.scaleout.jp
X-SO-IP: 95.211.199.131
X-SO-Key: ZU2.v8Co8X8AAE6WlywAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZU2.v8Co8X8AAE6WlywAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad105"}
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad105

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3E16
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=FL6Wku007pCRtLUJ1VND&pi=gumgum&tc=1

35 B
250 B

39ms
30ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=FL6Wku007pCRtLUJ1VND&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 10 Nov 2023 05:25:18 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 10 Nov 2023 05:25:18 GMT Fri, 10 Nov 2023 05:25:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=FL6Wku007pCRtLUJ1VND&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BDDE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

42ms
19ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 05:25:18 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 05:25:18 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8ABE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkk_QznUjZfCPQgofiZ7d0&google_cver=1

43 B
770 B

33ms
32ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkk_QznUjZfCPQgofiZ7d0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4m49QonvIQcJc1aINkU%2FgPWimtFaGpDkGxCuB03bjm4fUedQA8tNWX9L9XdZogVW%2B1WWvJX4i3wA9gQJlJ9kRmcnTyr6HM6c8MFO5u4wAASkp%2BeieIu3HDMEiBCWG0vFYw7EDe4KdZ%2Bizg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823bdfc88a0b71d3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHkk_QznUjZfCPQgofiZ7d0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8ABE 70 B
148 B 101ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8ABE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

129ms
129ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8T60YB6375NN5YJ02GZ6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QB6P0T8QS1F5BHT654JR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

502

pixel
live.rezync.com/ Frame 8ABE
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=00d6709e07044c639a0357806f461a14
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=00d6709e-0704-4c63-9a03-57806f461a14
https://p.rfihub.com/cm?pub=39342&in=1&userid=7ae55a68-dddd-41ac-88d2-461725581aaa%3A1699593919.3784947&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-4617255...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329459643486&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88...

0
0

298ms
298ms

Image
text/html

13.32.27.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329459643486&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-461725581aaa%253A1699593919.3784947%26_%3D1699593919.3806906
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-28.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

Location: https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329459643486&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-461725581aaa%253A1699593919.3784947%26_%3D1699593919.3806906
Date: Fri, 10 Nov 2023 05:25:19 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 8ABE
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167

42 B
716 B

35ms
34ms

Image
image/gif

54.171.198.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Server

54.171.198.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-198-71.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0ceeb53b5.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: m+qMAwRsSZE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-01a13f76f.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 1AZfwgeSQZs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU2.vtIBjIzPGsnb6.NqYgAA%261167
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 8ABE
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FL6Wku007pCRtLUJ1VND&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1

43 B
339 B

45ms
33ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FL6Wku007pCRtLUJ1VND&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BezSdiCQgPD51OfMb31GQWqhrHLN2ycdXmrJ4iyIuKLYYyL3FVQqSXG4jG1ngV1VhwV3%2Fl0Q98YGJwKR67y0hTcQnLAXuIO7vkob%2B9Lwjq7FLpD43p1RbBiORcnB9U%2FODxoKTRFLcJLqug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823bdfc88ca3036e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FL6Wku007pCRtLUJ1VND&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU2.vtIBjIzPGsnb6.NqYgAA%261167&tc=1
pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT, Fri, 10 Nov 2023 05:25:18 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8ABE 43 B
603 B 441ms
54ms Image
image/gif 2a05:d018:d29:3601:4c00:85ae:82c6:552b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:4c00:85ae:82c6:552b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 bridge
cm.adgrx.com/ Frame 8ABE 43 B
283 B 97ms
14ms Image
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-5
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 8ABE 0
357 B 31ms
29ms Image
image/avif 52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 404C 0
344 B 32ms
32ms Image
image/avif 52.31.140.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=5979474532530316720&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

/
wt.rqtrk.eu/ Frame 404C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5979474532530316720&gdpr_pd=0&gdpr=0&gdpr_consent=

43 B
350 B

77ms
23ms

Image
image/gif

141.95.32.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5979474532530316720&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 141.95.32.73 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: haproxy-eu-007.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Fri, 10 Nov 2023 05:25:17 GMT

Redirect headers

location: https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5979474532530316720&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 10 Nov 2023 05:25:18 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 404C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

134ms
133ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VD9NGDVZFSWCNKGKJ873
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 05:25:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7G6YR5K8P26BV09WSM97
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5979474532530316720&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 404C 70 B
148 B 94ms
37ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 404C 0
34 B 21ms
20ms Image
text/plain 3.120.44.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.44.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-44-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7F34 46 KB
13 KB 34ms
20ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83023
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:29:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BDDE 46 KB
13 KB 22ms
20ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 05:25:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83023
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:29:01 GMT

GET
H/1.1 204
No Content /
ap.lijit.com/beacon/prebid-server/ Frame 2082 0
0 15ms
14ms Document
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.atmtd.com%2Fs2s%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: b2cdn.automatad.com
URL: https://b2cdn.automatad.com/geo/amp_user_sync/load-cookies.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://b2cdn.automatad.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Fri, 10 Nov 2023 05:25:18 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7F34 7 B
380 B 102ms
21ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame BDDE 7 B
380 B 91ms
20ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H2 200 %2FFILAF%2FMOFougjW0SiP48Q30wIt4aXHVd3pozs3KckT70ZKh246T3n3QV62bvcJVpIirSGN6O6G7ks%2BmZ4HyxKhmHFCKk50ZSs937EcHsNHqkSjJZDqtZBG0ak3Rtpyu7hMIarIzF2SrH8oACM2aL0V3VpmwpdFa2vUPOoOp8Z7EjJFY2R8ByWLQ1Gma14e...
ad.vidverto.io/delivery/v2/content/tracking/progress/1961/ 50 B
50 B 14ms
13ms Image
text/plain 185.165.240.175
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/content/tracking/progress/1961/%2FFILAF%2FMOFougjW0SiP48Q30wIt4aXHVd3pozs3KckT70ZKh246T3n3QV62bvcJVpIirSGN6O6G7ks%2BmZ4HyxKhmHFCKk50ZSs937EcHsNHqkSjJZDqtZBG0ak3Rtpyu7hMIarIzF2SrH8oACM2aL0V3VpmwpdFa2vUPOoOp8Z7EjJFY2R8ByWLQ1Gma14e8kc%2BLAmNxays7Sp8vwHfVsw%3D%3D
Requested by: Host: thewire.in
URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-175.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:20 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
53ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?initSuccess=f&latency=5008&slotLoadingDone=f&gptCorrelatorRetrieved=t&gptStreamCorrelatorRetrieved=t&lid=184&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
53ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Fthewire.in%2F&ref=https%3A%2F%2Fthewire.in%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6062 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.603.0&e=44768717%2C44772139%2C44777649%2C44781409%2C44797013%2C44802074%2C44802463&id=ima_html5&c=599505500330565&domain=thewire.in

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 05:25:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 35ms
35ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

765357f7250cefa4f94f60a2fa1ec8fd57524a921e7b3b102ce064e68192b426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12333
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 239ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 05:25:21 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EF1 13 KB
5 KB 32ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 12602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 01:55:19 GMT
expires: Sat, 09 Nov 2024 01:55:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9A9 829 B
1 KB 385ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f63818db4f903937e866ed83e1e4d667dbf8cb940f66b1908f2701ff5a33211c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-10ore5BTRrtfGvjaparadQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thewire.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-10ore5BTRrtfGvjaparadQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:25:21 GMT
expires: Fri, 10 Nov 2023 05:25:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9A9 0
0 55ms
54ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=4346626498519&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EF1 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 22:46:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6EF1 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ABrD6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:25:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=4346626498519&bg=!CQqlCkXNAAZxrfrxUa07ADQBe5WfOLBanVPF3_tfb3OkG8UxLYQc6qEGxAWtbMSB0Gk7rvoAPbuFWrE6pGH27_F1WQcfAgAAAFBSAAAACWgBB5kCuYklXGIGWn3Samy5ex1LqCLpn75rYyFqAAEN8_1XN5zqfnKD8Lj063x1Aw4Z1coC9o8--l_JMl4oUvn7rz6-iRZzD8fZuufTIeZZnqi9GjNm9ACQO72wYQj-rjXwxHSxXAe5XDUHx8Br54I9vGcZifumE4MQrnkoY4mGou0KwPDVi3kRT0AZSLDgZe_3yylZfTHE7mlKOpku4F6EtN0fsTOt1gEHjaVr7JxHrIJUfDeWmyTSqzWYXiMLlwdLv_SQ9g-rBMIyYUxzWdS54bq0-iAC_fovsOFobWJFdVnGThPvwumLzDBI_aJ2KsmDotdJoUgGUMlFCIuebVYOZVcWcAY2uTSM6aytBg81SkMWh5pUVfEHsqlgQO4lDMiiOSd0FwztJFFUbRbkBmeMbe_iNowabU283jzhlG1DzWhcraTANF5iOF_F3_jL6eSl4n7InV8i2_NI2UTMc5WUbl2Cs3bcmr9VsZK2Dc6THc_V-EviJCCJOCRKZwwxNrrefv7JuM_CbeLTSvRSsrusolwvBo-34GdmAORTBSdlzl9N3HfFqbeJI5Of6QRfmFR5iRnG1ikmrOf0wIA3cE0ZPor7lle5-R8w6OK_1KMX8x57f73HIFiSzh0QJKjK9P1cwZOtQWFkTa-LVPYmCGD2XFXLtEOp8OcBf8lf8P-VauKlex_J72hgaJCWToZYtmWejUCjSFIFJMbauW82GvtTZ8RUFaX3eGIl9yXtYk6sG0pt61wnRRfcpAQQegq_S3hKREYfeagaVGFsNwQCxkQB4VrAbEXwQ79JqfzyD-G-DfCZYCdgzYVLgTRq0JO1VD_hhtaAI5V0U5a66SgntfNeIRiMO4EvmN8VyNJZ5AEeiwHqPkI_03yVOcsJKffia8U7Q-dSYezUr4l3HHlowOmdhTTlz6lsOe27rgk2JiU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thewire.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adgebra.co.in
URL: https://adgebra.co.in/Adg_Analytics/GetImageDetails?docurl=https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack&rand=29

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 16:49:45	Name: _li_ss Value: CggKBgiiARC7Fg
.thewire.in/	1970-01-21 01:42:33	Name: _ga Value: GA1.1.1227439951.1699593909
.thewire.in/	1970-01-21 01:42:33	Name: _ga_65DW8NFTWS Value: GS1.1.1699593908.1.0.1699593908.60.0.0
.automatad.com/	1970-01-20 16:06:35	Name: __cf_bm Value: GVgxaKkGe8Pj_WEVb1M.BNZqUq.._E17QQj93m7t5gs-1699593909-0-AbZ7FPHDQ8DcdLO8Z0LDE0SZ/BwM/dQvA7szBzDUZzt1uHFsFp/z6Y87GbT0cSS2/bVtIG0b09ghJb1w1uDJqtk=
.thewire.in/	1970-01-20 18:16:09	Name: _fbp Value: fb.1.1699593910608.1049905467
ad.vidverto.io/	1970-01-21 00:50:43	Name: moxuuid Value: 80277530-0f0c-499a-9173-2ad33d40e43b
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_zone_imp[8405][count] Value: 0
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_zone_imp[8405][frequencyPeriodEnd] Value: 1699680312
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_imp[23239][count] Value: 0
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_imp[23239][frequencyPeriodEnd] Value: 1699680312
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_camp_imp[10384][count] Value: 0
ad.vidverto.io/	1970-01-20 16:08:00	Name: _mwayss_camp_imp[10384][frequencyPeriodEnd] Value: 1699680312
.atmtd.com/	1970-01-20 16:06:35	Name: __cf_bm Value: jAL69l0pjex0QUQH0LAC1jTHQwlo14gYHhMhQz9x7tk-1699593912-0-AeFGcXm0ifnhQkyx4QaL7V8m0P0kp1hL2h977ki73x+SU2EZZ2fKpHLDr5OAHGNITkstW8trr1pEgUn2F0Bgtkk=
.thewire.in/	1970-01-21 00:52:09	Name: cf_clearance Value: Q22nsQXTMWi_kF3jqrohyHNvdZMYA0bfGpQ1LDmyabM-1699593912-0-1-dc6b869c.e26b7be2.7dbf68db-0.2.1699593912
.bidswitch.net/	1970-01-21 00:52:09	Name: tuuid Value: 97119c1f-f6c5-45c2-847d-5a3195db1e04
.bidswitch.net/	1970-01-21 00:52:09	Name: c Value: 1699593912
.bidswitch.net/	1970-01-21 00:52:09	Name: tuuid_lu Value: 1699593912
a4p.adpartner.pro/	1970-01-20 17:32:57	Name: apuid Value: 4734e38c-1f92-48f2-9f87-756d1a659863
ad.vidverto.io/	1970-01-21 00:50:43	Name: adpartner Value: 4734e38c-1f92-48f2-9f87-756d1a659863
.betweendigital.com/	1970-01-21 00:52:09	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 00:52:09	Name: tuuid Value: 3c6e4a92-baab-523a-b6d7-8a7bd39a34c3
.betweendigital.com/	1970-01-21 00:52:09	Name: ss Value: 1
.betweendigital.com/	1970-01-21 00:52:09	Name: ut Value: ZU2-uAAJ9sgmDPFsSgT4NcNveK47Puo3Sex_Bg==
ad.vidver.to/	1970-01-21 00:50:43	Name: bidswitch_com Value: 97119c1f-f6c5-45c2-847d-5a3195db1e04
thewire.in/	1970-01-20 16:07:37	Name: _yeti_currency_new1_ Value: {"dataAsOf":"2023-11-09T00:00:00.000Z","generatedAt":"2023-11-09T16:00:35.869Z","conversions":{"USD":{"USD":1,"JPY":151.12711626601813,"BGN":1.8293892058740997,"CZK":22.967916939481807,"DKK":6.976335235244599,"GBP":0.8156860911046675,"HUF":354.0361051351604,"PLN":4.161444205406417,"RON":4.647460480778225,"SEK":10.882050322701339,"CHF":0.9014124029557572,"ISK":141.14675895613135,"NOK":11.16219249836311,"TRY":28.500514451407728,"AUD":1.5619680104761013,"BRL":4.899261060705267,"CAD":1.3783556262276682,"CNY":7.2851931531194465,"HKD":7.810775418576373,"IDR":15640.651014872321,"ILS":3.8444486016275374,"INR":83.29716584042653,"KRW":1311.289869984099,"MXN":17.544663735852588,"MYR":4.69254513141895,"NZD":1.6869329342437567,"PHP":55.85539238611917,"SGD":1.3584323262557292,"THB":35.62716303432794,"ZAR":18.606865587877657,"EUR":0.9353661958656815},"GBP":{"USD":1.225961814116163,"JPY":185.2760736196319,"BGN":2.242761309557938,"CZK":28.15778911759647,"DKK":8.552720600882978,"GBP":1,"HUF":434.0347457141219,"PLN":5.101771687403245,"RON":5.697609082048048,"SEK":13.34097815492231,"CHF":1.10509718479445,"ISK":173.04053666647556,"NOK":13.684421764807064,"TRY":34.940542400091736,"AUD":1.9149131357146951,"BRL":6.0063069778109055,"CAD":1.689811364027292,"CNY":8.931368614184967,"HKD":9.575712401811822,"IDR":19174.840892150678,"ILS":4.713147181927642,"INR":102.11914454446419,"KRW":1607.5913078378535,"MXN":21.509087781663897,"MYR":5.752881142136346,"NZD":2.068115360357778,"PHP":68.47657817785678,"SGD":1.665386159050513,"THB":43.67754142537699,"ZAR":22.8113066911301,"EUR":1.1467232383464252}}}
.thewire.in/	1970-01-21 00:52:09	Name: FCNEC Value: %5B%5B%22AKsRol9SJAlV9fxTb0MaJHDzTDfmupTTJiEU-AWirIoZ2HTNw26-9bNlcRJADNEUCBkkvYW3YLaZ5WoN6bfqR7fWnlqzPWY-tHqivlu-7ZEQr8WI2Zd1p7F-sjfC_1a04b-PgLyzIfw4_Of4s8MFieU0sNRcrjn0lg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.adnxs.com/	1970-01-20 18:16:09	Name: uuid2 Value: 2756809943040819841
.thewire.in/	1970-01-21 01:28:09	Name: __gads Value: ID=ee65be6e95f22029:T=1699593915:RT=1699593915:S=ALNI_MY0SS4KOa1Y4dVg98I7aXDtN8JX-A
.thewire.in/	1970-01-21 01:28:09	Name: __gpi Value: UID=00000cbf5edcbd77:T=1699593915:RT=1699593915:S=ALNI_Mb-JpQugZDCxNPaM6wM4hV01t4IBA
.doubleclick.net/	1970-01-21 01:42:33	Name: IDE Value: AHWqTUnCBD60vNjbiewfiXFhVaxluDz6K-AK5j20IkcqUcMa5xCh-SnU50u_4TXxHqc
.script.ac/	1970-01-20 16:06:35	Name: __cf_bm Value: VEDnoLuDjxCKPQSJiRzr1SLTZPOMNUjQzj3.MvPsI2w-1699593916-0-AR2ERZF3JO44FUFP6l/ctyaEpoXuOXP+RsthZ+9dDEdWhTn2HVr04AvgOmcI1K6870RvkV5Ruz5xSJIq2wqE9uw=
.adnxs.com/	1970-01-20 18:16:09	Name: icu Value: ChgIoOheEAoYAiACKAIwvf22qgY4AkACSAIQvf22qgYYAQ..
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 5352bdfe313b7df3
.lijit.com/	1970-01-21 00:52:09	Name: ljt_reader Value: HoZlqRZHOYZCpIGWTJWHiu2a
.servenobid.com/	1970-01-20 16:16:38	Name: pid_312 Value: 2756809943040819841
.lijit.com/	1970-01-21 00:52:09	Name: _ljtrtb_273657 Value: 273657
.casalemedia.com/	1970-01-21 00:52:09	Name: CMID Value: ZU2.vtIBjIzPGsnb6.NqYgAA
.casalemedia.com/	1970-01-20 18:16:09	Name: CMPS Value: 1167
.casalemedia.com/	1970-01-20 18:16:09	Name: CMPRO Value: 1167
.rfihub.com/	1970-01-21 01:28:09	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQxtTQzMTaxMBPiM9RNDSzOyKq0SHJxC4sHAKSv1gclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQxtTQzMTaxMBPiM9RNDSzOyKq0SHJxC4sHAKSv1gclAAAA
.gumgum.com/	1970-01-21 00:52:09	Name: vst Value: e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca
.servenobid.com/	1970-01-20 16:16:38	Name: pid_310 Value: HoZlqRZHOYZCpIGWTJWHiu2a
.servenobid.com/	1970-01-20 16:16:38	Name: pid_309 Value: e_79efd6e5-e76d-4bb3-ac5e-0131dc6b5dca
.smartadserver.com/	1970-01-21 01:36:48	Name: pid Value: 739854086290466249
.servenobid.com/	1970-01-20 16:16:38	Name: pid_333 Value: ZU2-vtIBjIzPGsnb6-NqYgAABI8AAAIB
.servenobid.com/	1970-01-20 16:16:38	Name: pid_317 Value: 5979474532530316720
.openx.net/	1970-01-21 00:52:09	Name: i Value: fb6f6c90-0918-47ce-8cc9-a5d30149e1d0\|1699593918
.creativecdn.com/	1970-01-21 00:52:09	Name: ts Value: 1699593918
.creativecdn.com/	1970-01-21 00:52:09	Name: u Value: FL6Wku007pCRtLUJ1VND
.smartadserver.com/	1970-01-21 00:53:36	Name: csync Value: 150:0
.adform.net/	1970-01-20 16:49:45	Name: C Value: 1
.demdex.net/	1970-01-20 20:25:45	Name: demdex Value: 51336058712646781082249261712010262085
.adform.net/	1970-01-20 17:32:57	Name: uid Value: 4082930082235494054
.dpm.demdex.net/	1970-01-20 20:25:45	Name: dpm Value: 51336058712646781082249261712010262085
.turn.com/	1970-01-20 20:25:45	Name: uid Value: 8324606202955567102
.1rx.io/	1970-01-21 00:52:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-47322927-19ca-4ba6-b630-a85f1b189122-003%22%7D
.servenobid.com/	1970-01-20 16:16:38	Name: pid_353 Value: 0000EEA
.rqtrk.eu/	1970-01-20 16:16:38	Name: browser_id Value: 1:8fddc405-ac8e-40cb-a754-ccc242562d4e
.disqus.com/	1970-01-21 00:52:09	Name: zeta-ssp-user-id Value: ua-a008e0b2-77c4-37c0-9e50-fd98588a465e
.targeting.unrulymedia.com/	1970-01-21 00:52:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-47322927-19ca-4ba6-b630-a85f1b189122-003%22%7D
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86189\|ZU2+w
.servenobid.com/	1970-01-20 16:16:38	Name: pid_346 Value: ua-a008e0b2-77c4-37c0-9e50-fd98588a465e
.servenobid.com/	1970-01-20 16:16:38	Name: pid_321 Value: RX-47322927-19ca-4ba6-b630-a85f1b189122-003
us-east-pbs.automatad.com/	1970-01-20 18:16:09	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyNzU2ODA5OTQzMDQwODE5ODQxIiwiZXhwaXJlcyI6IjIwMjMtMTEtMjRUMDU6MjU6MTguOTM2MzExMDM0WiJ9LCJwdWxzZXBvaW50Ijp7InVpZCI6IlVKem5ZZndqMVNSWCIsImV4cGlyZXMiOiIyMDIzLTExLTI0VDA1OjI1OjE4LjMwNTkxOTc5OVoifX0sImJkYXkiOiIyMDIzLTExLTEwVDA1OjI1OjE4LjMwNTg5MDYxMloifQ==
.zemanta.com/	1970-01-21 00:52:09	Name: zuid Value: XnJZF1dsCyRk6cMksuh8
sync.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id Value: s%3A0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c.QEilW9h3%2BI3gWEKq1tziX%2FxJbQcuFnJyBI8xUpyZeOk
.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id Value: s%3A0-8aff5d25-e392-5f6f-7a48-1c1c8adfb50c.QEilW9h3%2BI3gWEKq1tziX%2FxJbQcuFnJyBI8xUpyZeOk
sync.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id-v2 Value: s%3Aiv9dJeOSX296SBwcit-1DF_Tx4M.tlgfwmWOa2n90xHgGLyKpB4l3NN4rjqoJgNCf3EwB4w
.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id-v2 Value: s%3Aiv9dJeOSX296SBwcit-1DF_Tx4M.tlgfwmWOa2n90xHgGLyKpB4l3NN4rjqoJgNCf3EwB4w
sync.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id-v3 Value: s%3AAQAKIKzXRK_xFj_TazEtbt2v5o9Q3yoEKhewYMVHznjsin5VEHwYBCC__baqBjABOgRzygDyQgQuo4om.6NnhuaBm1x1xzWSfUbkOSGAcVVnCn6x6gefZgU8sShE
.srv.stackadapt.com/	1970-01-21 00:52:09	Name: sa-user-id-v3 Value: s%3AAQAKIKzXRK_xFj_TazEtbt2v5o9Q3yoEKhewYMVHznjsin5VEHwYBCC__baqBjABOgRzygDyQgQuo4om.6NnhuaBm1x1xzWSfUbkOSGAcVVnCn6x6gefZgU8sShE
.ipredictive.com/	1970-01-21 00:52:09	Name: cu Value: f9045b76-c89c-433b-8eba-abcf86bd70bd\|1699593919054
.liadm.com/	1970-01-21 01:42:33	Name: lidid Value: 00d6709e-0704-4c63-9a03-57806f461a14
.yahoo.com/	1970-01-21 00:52:31	Name: A3 Value: d=AQABBL--TWUCENlvGMcbgjSEYTGAyS-bPsIFEgEBAQEQT2VXZQAAAAAA_eMAAA&S=AQAAAgX1d7p29bOPTEbiZ3PjRh4
.amazon-adsystem.com/	1970-01-21 01:42:33	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 21:43:31	Name: ad-id Value: AxVnd9OOXE6NobsWoGIVXRs
.rezync.com/	1970-01-20 20:25:45	Name: zync-uuid Value: 7ae55a68-dddd-41ac-88d2-461725581aaa:1699593919.3784947
live.rezync.com/	1970-01-20 20:25:45	Name: sd-session-id Value: .eJwNwTEOgCAMAMC_dBaTIoWWz5hGOjCIBnQy_l3vHlhP67s2axfkq982wbAx6tHWWiBDUiPSyK78XEDdHHPxLkRMnohRVTNGEZJFUOYlcZCQ4P0AKJQaIA.ZU2-vw.00zw188LljaesR3SsHB6-AJfMRA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_w3ByQ2AMBADwA_tLJKTvUw3FqERKk9m_qtKX4SybR3m0Gvda5gnakQ0JD1IMjgJ3rPa6bUBciwjrToAAAA
.rfihub.com/	1970-01-21 01:28:09	Name: eud Value: H4sIAAAAAAAA_13IuQ2AQAwF0QqINqAKI9nrk26-WBoiJKQcqoIMicneHC0Cuxk8abyRMjbKHELqHGKWDGBlr7LqxbX0SC2Ns03f1JDr53v-nO7yANNipU5qAAAA
.servenobid.com/	1970-01-20 16:16:38	Name: pid_324 Value: 5124322329459643486

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thewire.in/public/detail.css?ver=1.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://js.hs-scripts.com/4347679.js Message: Failed to load resource: the server responded with a status of 410 ()
javascript	error	URL: https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack(Line 81) Message: Access to XMLHttpRequest at 'https://adgebra.co.in/Adg_Analytics/GetImageDetails?docurl=https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack&rand=29' from origin 'https://thewire.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adgebra.co.in/Adg_Analytics/GetImageDetails?docurl=https://thewire.in/health/delhi-safdarjung-hospital-cyber-attack&rand=29 Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 499) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 499) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 499) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322329459643486&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ae55a68-dddd-41ac-88d2-461725581aaa%253A1699593919.3784947%26_%3D1699593919.3806906 Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27468609a1af36f5a99fbe38afdb18a9.safeframe.googlesyndication.com
a.quora.com
a.teads.tv
a4p.adpartner.pro
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adgebra.co.in
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
b2cdn.automatad.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.adgebra.in
cdn.adgebra.net
cdn.automatad.com
cdn.knightlab.com
cdn.thewire.in
cdn.vidverto.io
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
connect.soundcloud.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
csi.gstatic.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
frontend.thewire.in
fundingchoicesmessages.google.com
g2.gumgum.com
go.automatad.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.liadm.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
js.hs-scripts.com
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.media.net
prg8.smartadserver.com
pubads.g.doubleclick.net
public.flourish.studio
public.servenobid.com
q.quora.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
scripts.atmtd.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
srvr.dmvs-apac.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tg.socdm.com
thewire.in
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-east-pbs.automatad.com
us-u.openx.net
use.fontawesome.com
usersync.gumgum.com
w.soundcloud.com
wt.rqtrk.eu
www.facebook.com
www.google.com
www.google.nl
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
adgebra.co.in
103.132.192.30
104.16.188.89
104.18.23.145
104.18.36.155
104.22.69.240
104.244.42.8
104.26.8.169
108.138.1.25
124.146.153.167
129.227.190.211
13.32.119.77
13.32.121.63
13.32.27.28
13.32.27.99
141.95.32.73
142.250.185.168
142.250.185.98
143.204.98.105
143.244.213.152
145.40.97.66
151.101.129.108
162.159.152.17
169.197.150.7
178.32.210.226
18.197.176.130
18.205.170.196
18.66.112.121
185.165.240.175
185.184.8.90
185.64.189.112
185.86.138.153
185.86.139.103
188.42.34.64
190.2.150.148
193.0.160.130
198.47.127.19
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
212.8.250.43
216.52.2.6
216.52.2.86
23.212.211.47
23.213.164.238
23.38.80.21
23.52.120.246
23.52.120.27
23.52.123.144
2400:52e0:1a01::1000:1
2400:52e0:1a01::992:1
2404:6800:4003:c05::5e
2600:9000:223f:5c00:1f:4c18:bd40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:44f0
2606:4700:10::ac43:16bf
2606:4700:20::681a:8a9
2606:4700:3030::ac43:8fa1
2606:4700::6811:180e
2606:4700:e2::ac40:8d0d
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
2a05:d018:d29:3601:4c00:85ae:82c6:552b
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.44.6
3.221.87.219
3.75.62.37
34.120.63.153
34.160.108.227
34.247.205.196
34.250.149.102
34.95.69.49
35.207.221.200
35.244.159.8
35.71.131.137
37.157.4.28
37.252.171.21
44.195.172.121
46.228.174.117
51.83.220.94
51.89.9.254
52.31.140.196
52.46.151.131
52.70.1.191
52.71.51.170
52.72.176.107
54.171.198.71
54.76.48.154
69.166.1.66
69.173.144.138
70.42.32.255
72.251.241.196
77.245.57.72
99.81.57.59
99.86.4.39
040dfa23ca88069e2acc6a9d7f1b6eafbb35d483f2230149ac8ac3438f0b6ff7
0423d1a3a28b42f7eca64f196a5aa459b25dbd9d7705043a7a8c2d46c034311f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07732cf9164d5e50028ce5df4cb74a587f4a9a6282896085dc5187b74fe48cbe
0839ae4064aa36b16aa50e673dec923963cb9ce6eaf2cad783b270ef2adc1268
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1381c8c162e998fe5c8bd4fe525042c2e63c65df7ebe11b4485b251394567056
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1b6c06cde31bc24b8db92fc241fcdd0797d5da90b11f14be52ce588244b5f643
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
276a85f0c66ece83900c49b3dc860d5c98b61ac246abec409ce920fbf9179f9a
285108e47958f617dee7d583e1bb28c4900d451998f9eb5be99b49a641b75b02
2885b50cd377b00440d2061dd229f968c4a24228fff9eef0076f0886a645d433
294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837
2db14043debab749d1f520f381ef39249f412dfabb16b92f127b34a032699880
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2ef806f90677b871606b848e1be59005b7000838cdeb37b2b43095fb1d747641
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3176dad4408f88d6e8f2fe3806132295be248e736ade0ce3e8004925124f2aa2
34f37587228ac4775545cfedb5562115acc03a0a265e642b7f664b94b1b2a92b
35e8c860bcf02fb86cfbb03cf8c1eaf1ff3b6ec54a5924ca9c8feee69872be5e
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409aa29035df3891b3fb210c527adba7bb3aea94f90a1895580436cf6213c043
40cdb6667cdeded049f044e8d0b19d69172ee4690dbcf79a16058792ff26b8a7
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
436463dbbd471e6aae3cc0faf1b1598e276a77c83f6e5fd862a716dd16bf4451
450328db287c39d7254b673a7c467d084c2d7fabcaf0881340e8c91153d3aa64
460c6f30a9fa58183c40a005ac5abbac58f1eccea1962636c60cb092def93de8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4942a61945ec7c3aaf632e4e1dd5249dea7615756c7d3672d76d169e041a53e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2f40fb6de657e7a786f10b9b75c31604532d0b63a10fbf87194b9955964a00
4ee23904cba5e5a82ab081497a1c153af2d7363aabd374fe64484ba1708955fb
5017d167832a48dae388a3bd2f95c4f85e950d3ae4e2d73ff2cbef3b0cbeb950
539dc8c0af21a812ea8601ff9d73664c58cd197bbaf36c6243befecf31c6ee4e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f63db68a68d6d618fb5113ceb6d555b6956ee256cce877c8fa728e1310bef6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85
5c1c1c200c9293a2f74ff7fc2fde7dfe2dbb5fe5f1500a828340032ce199e420
5ca31249c43b8f20f6dccf4c051b435db33fa022ffd90219d42bd6bfae7867ff
5d4ae21b3fbd9dbe98b36f430b4d56b079bbdd29db5739f3b57cc780a2aca65d
5d60c3f9c6e11e3f776f7adc30afba922f18ffa4d4293f46c349ffa0ddb4da59
5f155c532ca870ea4ce02210df732aba9d787dabe07f44e71f30a80b2fffaf31
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64426d77cc6bdf77f7fac60e26116d9c5bed8822a11b9396efe297fc109aafd2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68822d83fe064896a2cc9317fe941e8ddfcf43ccdae69622169f0af8aeeb37ee
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ceeeed3b9329b221b249e77a7294fb15e629b9a9642e00021ee2873b4129127
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
731b9c77f15954baf2aafdc7aedd6e228bae8bb90de6d6621e3c402ac66f776d
736499b1d4ee23cba4b08523a3495d700ce6f9707b61f5abecd9b99e809b6878
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
765357f7250cefa4f94f60a2fa1ec8fd57524a921e7b3b102ce064e68192b426
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7ae70d67d57da61e5924e7b66fab509fd965f545d40d9e20fbb285d1bf25e262
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e
7d623e03a57f70c1ce57a31ec81c47ae104315eaa5fb2f89ca62534dda963b09
7e75cd871752609786d732a54d98237069a566bbf2cb46a096a03b327164fe37
7f70eaab1fd5f72c79c22ab477b6716271d7c8cd8842f631f96131a8022b11f6
803ac20b0345e3d5d741dc1c443d7d60034c564966758dee4254daa2ffaed607
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8365cb403aa38d2a52375b85215646f9c4460d1a39945ae9eca91bb355407edf
848d94007dc11d424a39605182bd5f46e4fce0e7ff9600c6424b6d6e9ea57860
888819a6f34e6e6cc36c1da11445ebad3e2f12afb1dcfe47f9070bf1f173430a
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f3720a41e038f20df288f117212b2abafc40763263c6219c925e2d7fd37853
8a4ce76d8d63fb815180a54174dadf787f86abe33498aa8f7178ee6055f96f52
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
902c14b25019b0d78dec985b8e08ec85aa351f224d5e6bbd138a93d903ab429b
9081b6ff0373627eb70fbbe759b1bd862710ae63b1d8fb8ed9b7306cbc73ac63
9289cfce5b494a012aeb89f68536a034995ef24333c7b225a2b32e7254d9c8ff
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94336ec9a728c40889c2d010d0361b52075b29bf9ce2a5b07961f43f594e0a31
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
997ca0b1cc154c71522c1d2171ec97c8df949b3378c809493355bc5f37b39e7a
9b1640e8a9d6efdefc03f6a0f5aa28438e95152c4621d98fa2ecdb30257584ee
9c016209709be03a701f72213727dbcebf530f82ba4ed860908c4adb80861ec7
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9e91db88ab60963c82f145a3634d4eb4f04c738e386702a9192ac72066cd7c89
a0e267f245cd5cdecefff821742d9d166584e58a027ac67dea9db49277a55aca
a137c6f0c6d5056888bc215696e2c3ce04a906fd7e07bef82ecfcfe559559eff
a2f31ef0df161b787fc0a7e5ec20bcf3d3e5c24c0f2176fb5c5656b545af1654
a4416891b6143d4b1b8d95ba6a1394fc3ad2fc82c13d6ac2ccb713d1d5fc2c50
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a770092b89874fd0140243763957f3f98eeeedc29fd6eb7b52c08afb2d04df0e
a86fc8e90237057b5966ead76f6a5477515da31b9ac0c9e4c732f7eabcd5e194
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
ada4a16db198a98bf1975d30e625b26ed73146c017e8e0c8366d18be8284a416
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b37216d11defe0179e79ba3ea02aaeddda4c0172a3ced113bd0a785134daa6b5
b729c1b11b86e24f68c54e0ea077b0abadaf772db8a342e19c7d79b1217fdd48
b77b6b1c82035a429699461941971a991d3b10f44389da5f88d8fa623a3718a8
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b9607dedba0d574a54ba468572f8503fce02288031364033467dfbe7eac46677
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb3daa4de2ab7e57d626105b1a389f6b41d10faaa2c3be795ab171b9306c5069
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
be9ac5334c942b3faa67a8aed6530b2df9fd1881da01981edafe1c3cb61cad02
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28815103cfee18922df043f4d9c7f51cf2025f5469bb5fb8db6bbda7bb2debd
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c6871b85c46dbe6768b62845b6f6bfc1bb02351cd074732f7ded5bfceaedd458
cbff9ddbc592bc33112c8e134ab7c4964007e8e7956ee23bce18156e7d0b65d0
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d7411e404c220ae946c251130e35de8581ecebb864aa8184a525df4bb9a5a3f9
dccd4a386783ad94f41a889ffed96038034664a22a4c41c75cbbdcd3ceb46b94
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea09668a15867d88baef41cef4d46e69a75c9f5fb6597609c43f39ab81dae9b2
eac21187916702f6fe946b42fc8b65fe42f57d626620325477edc29fa47ce22e
edc0986e2d8f4af4b26611039c261a62f88bf3cf088a4f8634d567b98753c340
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cadfc0d3c46286651ae90c2051a93ccbc3bb9e1758d5ce1c291e0f336d51f9
f63818db4f903937e866ed83e1e4d667dbf8cb940f66b1908f2701ff5a33211c
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6
ff4f488eb141eedf44d088315c2f3d9f62039e072749e34478843f41b6f66f92
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

thewire.in Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

295 Requests

90 %HTTPS

31 %IPv6

76 Domains

116 Subdomains

92 IPs

13 Countries

4712 kBTransfer

16234 kBSize

82 Cookies

11 Outgoing links

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thewire.in Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

90 %
HTTPS

31 %
IPv6

76
Domains

116
Subdomains

92
IPs

13
Countries

4712 kB
Transfer

16234 kB
Size

82
Cookies

295 HTTP transactions
5 data transactions