www.timesnownews.com Open in urlscan Pro
2a02:26f0:6c00::210:bb8a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-detai...
Submission: On April 06 via api (April 6th 2023, 3:19:39 pm UTC) from IN — Scanned from DE

Summary HTTP 235 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 80 IPs in 12 countries across 49 domains to perform 235 HTTP transactions. The main IP is 2a02:26f0:6c00::210:bb8a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.timesnownews.com. The Cisco Umbrella rank of the primary domain is 80064.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.

This is the only time www.timesnownews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14de	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::2a5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:9600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:480... 2a02:26f0:480:39d::3857	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:64:... 2a02:26f0:64:681::3621	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	34.232.231.107 34.232.231.107	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.106.197 13.32.106.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	185.64.190.84 185.64.190.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
5	5.135.209.97 5.135.209.97	16276 (OVH) (OVH)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	104.126.125.209 104.126.125.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eb89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
13 15	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	54.154.146.140 54.154.146.140	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.225.127.60 54.225.127.60	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:26a7:915d:b928:9358	16509 (AMAZON-02) (AMAZON-02)
1	52.30.78.52 52.30.78.52	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1ad::3857	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb08	() ()
235	80

36 2a02:26f0:6c00::210:bb8a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.timesnownews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14de (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

onelinksmartscript.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:bb68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.tnn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::2a5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.growthrx.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:39d::3857 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tvid.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:681::3621 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jssocdn.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

geoapi.tnn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiprod.timesnownews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.231.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-231-107.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jsso.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.84 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.135.209.97 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu

www18.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

timesnetwork-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.125.209 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-125-209.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb89 (United States)

ASN13335 (CLOUDFLARENET, US)

img.rtbsystem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.194 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.146.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-146-140.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.225.127.60 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-127-60.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.234 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.155.104 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:26a7:915d:b928:9358 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.78.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-52.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1ad::3857 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

agi-static.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb08 (None, )

ASN- ()

api.ibeat-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	timesnownews.com www.timesnownews.com — Cisco Umbrella Rank: 80064 apiprod.timesnownews.com — Cisco Umbrella Rank: 425284	1 MB
26	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 12528 csm.eu.criteo.net — Cisco Umbrella Rank: 7853 pix.eu.criteo.net — Cisco Umbrella Rank: 9255	204 KB
23	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	178 KB
20	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8594 c.mgid.com — Cisco Umbrella Rank: 5670 cdn.mgid.com — Cisco Umbrella Rank: 11443 servicer.mgid.com — Cisco Umbrella Rank: 8526 s-img.mgid.com — Cisco Umbrella Rank: 5087	294 KB
17	googlesyndication.com a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	77 KB
17	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 509 ow.pubmatic.com — Cisco Umbrella Rank: 3384 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 image6.pubmatic.com — Cisco Umbrella Rank: 779 image2.pubmatic.com — Cisco Umbrella Rank: 999 simage2.pubmatic.com — Cisco Umbrella Rank: 733 t.pubmatic.com — Cisco Umbrella Rank: 3882 simage4.pubmatic.com — Cisco Umbrella Rank: 1232	185 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 574 pixel.rubiconproject.com — Cisco Umbrella Rank: 340	16 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 s.amazon-adsystem.com — Cisco Umbrella Rank: 301 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 964	65 KB
7	criteo.com dis.criteo.com — Cisco Umbrella Rank: 718 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061 ads.eu.criteo.com — Cisco Umbrella Rank: 7796 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13528 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9585	82 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	6 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90 accounts.google.com — Cisco Umbrella Rank: 87	80 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	22 KB
6	smartadserver.com www18.smartadserver.com — Cisco Umbrella Rank: 43720 ssbsync.smartadserver.com — Cisco Umbrella Rank: 751	2 KB
5	tvid.in tvid.in — Cisco Umbrella Rank: 63147	186 KB
5	tnn.in static.tnn.in — Cisco Umbrella Rank: 111763 geoapi.tnn.in — Cisco Umbrella Rank: 492208	41 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	1 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2236	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	20 KB
4	indiatimes.com jssocdn.indiatimes.com — Cisco Umbrella Rank: 77236 jsso.indiatimes.com — Cisco Umbrella Rank: 43319 agi-static.indiatimes.com — Cisco Umbrella Rank: 67128	15 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3290 c1.adform.net — Cisco Umbrella Rank: 584	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 23417 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28482	898 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1542 mab.chartbeat.com — Cisco Umbrella Rank: 2438	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	199 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17139	69 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 793 syndication.twitter.com — Cisco Umbrella Rank: 1106	132 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 805 id.crwdcntrl.net — Cisco Umbrella Rank: 1729	585 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5011	562 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 650 cdn.indexww.com — Cisco Umbrella Rank: 1561	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5216 adservice.google.de — Cisco Umbrella Rank: 7832	939 B
2	openx.net timesnetwork-d.openx.net — Cisco Umbrella Rank: 910042 u.openx.net — Cisco Umbrella Rank: 651	473 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 8229 www.instagram.com — Cisco Umbrella Rank: 1195	20 KB
1	ibeat-analytics.com api.ibeat-analytics.com	403 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1429	254 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 400	653 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 913	425 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 552	433 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 804	612 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	590 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	736 B
1	rtbsystem.org img.rtbsystem.org — Cisco Umbrella Rank: 35819	17 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 473	121 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1399	394 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1231	201 B
1	growthrx.in static.growthrx.in — Cisco Umbrella Rank: 59078	14 KB
1	appsflyer.com onelinksmartscript.appsflyer.com — Cisco Umbrella Rank: 50976	19 KB
235	49

	Domain	Requested by
36	www.timesnownews.com	www.timesnownews.com
18	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
15	cm.g.doubleclick.net	13 redirects www.timesnownews.com
9	tpc.googlesyndication.com	a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	s-img.mgid.com	www.timesnownews.com
7	securepubads.g.doubleclick.net	www.timesnownews.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	pixel.rubiconproject.com	3 redirects www.timesnownews.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com www.timesnownews.com
5	cdn.mgid.com	www.timesnownews.com
5	ib.adnxs.com	2 redirects ads.pubmatic.com acdn.adnxs.com
5	www18.smartadserver.com	ads.pubmatic.com
5	tvid.in	www.timesnownews.com tvid.in
4	pix.eu.criteo.net	ads.eu.criteo.com
4	token.rubiconproject.com	4 redirects
4	match.adsrvr.org	ads.pubmatic.com ssum-sec.casalemedia.com www.timesnownews.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	jsc.mgid.com	www.timesnownews.com jsc.mgid.com
4	static.tnn.in	www.timesnownews.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	aax-eu.amazon-adsystem.com	2 redirects www.timesnownews.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	accounts.google.com	www.timesnownews.com accounts.google.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.timesnownews.com
3	www.googletagmanager.com	www.timesnownews.com www.googletagmanager.com
3	cdn.izooto.com	www.timesnownews.com cdn.izooto.com
3	c.amazon-adsystem.com	www.timesnownews.com c.amazon-adsystem.com
3	ads.pubmatic.com	www.timesnownews.com ads.pubmatic.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	www.googletagservices.com	a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
2	ads.eu.criteo.com	a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	servicer.mgid.com	jsc.mgid.com
2	www.google.com	www.timesnownews.com tpc.googlesyndication.com
2	ow.pubmatic.com	ads.pubmatic.com
2	jsso.indiatimes.com	jssocdn.indiatimes.com
2	static.chartbeat.com	www.timesnownews.com
2	sb.scorecardresearch.com	www.timesnownews.com
2	platform.twitter.com	www.timesnownews.com platform.twitter.com
1	api.ibeat-analytics.com
1	agi-static.indiatimes.com	www.timesnownews.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	www.timesnownews.com
1	rtb.fr3.eu.criteo.com	www.timesnownews.com
1	px.ads.linkedin.com	www.timesnownews.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	ssbsync.smartadserver.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	img.rtbsystem.org	www.timesnownews.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	acdn.adnxs.com	ads.pubmatic.com
1	js-sec.indexww.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	c.mgid.com	jsc.mgid.com
1	imasdk.googleapis.com	www.timesnownews.com
1	www.google.de	www.timesnownews.com
1	timesnetwork-d.openx.net	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	a.teads.tv	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	mab.chartbeat.com	static.chartbeat.com
1	region1.google-analytics.com	www.googletagmanager.com
1	syndication.twitter.com	platform.twitter.com
1	ping.chartbeat.net	www.timesnownews.com
1	apiprod.timesnownews.com	www.timesnownews.com
1	geoapi.tnn.in	www.timesnownews.com
1	jssocdn.indiatimes.com	www.timesnownews.com
1	static.growthrx.in	www.timesnownews.com
1	onelinksmartscript.appsflyer.com	www.timesnownews.com
1	www.instagram.com	www.timesnownews.com
1	platform.instagram.com	1 redirects
235	97

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.letstalkgrowth.co.in
indiadigitalfest.in
www.linkedin.com
wa.me
news.google.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
vkfeed.indiatimes.com R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
www.torqus.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
data.indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
samayam.indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-31` - `2024-04-03`	a year	crt.sh
indiatimes.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-10` - `2023-07-11`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
jsso.indiatimes.com Thawte TLS RSA CA G1	`2023-02-13` - `2024-01-09`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-02-15` - `2023-05-17`	3 months	crt.sh
npepaper.indiatimes.com R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Frame ID: 264E2CB32E0BED7E97B98EF67D3C4D63
Requests: 137 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com
Frame ID: 141921D45E4AAA4B1C2E8AEB69E0E532
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 04F1FDE25B682DDBA3B809306390F15A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2C8B397C967C02062752336DF1DA72AF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 47CD81DEFA89B5D47520280EF6D4C406
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0AF6C42584EFFA9F77C9BAA9BF2B4B33
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 544BFA9EF6DFE989F07F7B2EC1934D58
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Frame ID: F4C3BA19A1D3880774F78E5721597BA0
Requests: 12 HTTP requests in this frame

Frame: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9455E0BE1A3BF20063E085649BBAF362
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1EC086ED29E5E9DD7643C72C773E192B
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3233307829599660863
Frame ID: 361164DF313A6A8E0364432BE5FCD3F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5313642e-e307-4000-abaa-97b74f62c764&gdpr=0&gdpr_consent=
Frame ID: 86F978ADCC73BB814B737CF92B84BB2F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 782ABD2DA20E6D37CE4A5E86E608A978
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g
Frame ID: FD9F7778DB421A451ADCAC33682E725F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4928928972027488064&gdpr=0&gdpr_consent=
Frame ID: 2E3428228E939B71EA416FA46EB4C65C
Requests: 1 HTTP requests in this frame

Frame: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5CD1731052BE802E6F2E445D9C4DB739
Requests: 9 HTTP requests in this frame

Frame: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E93861AAE8E7D3DC0BF5BD4F5730C91
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFYK3trIAA07L8C1WY9ze01m9VF99g&u=%7CC7Jrtr70AVgA%2F5fD9UUZCaD3w%2Ft5cjCJ%2BCChsRRfl9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SSF2iDXoOgiUsev6AkWZhvYejRA8VzOzRevlAPY6tgnjJWbHa_GrCWv6UxVM4yf4umnIPteApTtKhAp2v4BLwAdGMeYQxTIH0UdmjXEchRj7S18vLw_WeaqKd_TmvPQWrF76jvQsEFDzdwf0uBscXxASv0DWhd-y4kgqX5wjkCDCWaorIGLRm4z83uqwqVOeTp_jfv5Ovc7VgQvOysJrOhYsAjRVKoq8LGt8rlplA2BtHaTj1pI78sW7_SqMmuUpOB2kL2DNbnAYfxSfDbcSQuwjr9SOHOSqIZRL-Tug1IcB8nhgs6-a3kwMJcBlVYI2tskVMKHLbeFVNIdopC6jRLKG-WX4GdhJTiyF0dbXx62LMaGEZp7b8PC1QqCJQEG4BNpIbXV51nIPO4KtnoiEj6oRlbc2vwcvdfKvA54LI-oogEyd59zpgKPNSIyVNVxk8jqWBUXqceJx7Yw7CY-8JlCgHdFgRUdeB5JH9poFuts9XAgtMsJ25tVv0ZcwgzclZ3aPyTyl0Wom68P1I2imBfwqZoBgCx3RXyAv9k6FOWvw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHvhMBuMuZNbAHsi1-wav9rTgDsme0rFc1Z2R93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBJADT9BdX2bFFoRBn1x8S4wG1p3gOQP9Q_XT7QwzSOFSWLQi001jVVdCbm6z58FdStxi9MPXOaHgvUNnXbKjnaW36SHmNp_usAllsYuBoM0wt4Cfn1UeQDT4bP1_GMao1xcFbTYljQbbJsYmb6ScmKeI3cf7kR475Ax5oMIwbsQ2CwI60YdZshS0q4aa3h5F2F9PU1WDEqfQ3XDgzU0R6rFoX365BfdJApBR5QJRzx9yuIYcamaMM3DspYNWhaE4g93jij90C_zLjdIpyPcoLBQUDyp-UXdnpkUwloW7OlmFGTnGck0JW_jF-dh-N8L9cTi-ol0CvzPAIhluHdRMfD-dyjdPGEGoyYlh1NvPqdzCJ4FIPoTvCgrWpYdZT4nleLSUth2DTA_qIShpwz-MyeA7Hl_OdJzOdJXAlyn67AlQ6HnGrnbGIP6F4_RnNGsUM73BgKTlPrELbLUaSMx4m3NhDTSyeZMKMsxTp05Q1Rs6ERwLf5n4n9WKcBnAeGuy3fMHZbc6cbbCl6A5LS7yj-NbiOAEAYAG2bSkpNye4dXFAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_I_s2lg9RhPnHAu6FBBUZLUoYDg%26client%3Dca-pub-5876478872047758%26adurl%3D
Frame ID: E7FF09C0950B289B7195FDBB85028CCC
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFoK3trIAA07L16mGkUhGIaQxPs60g&u=%7CC7Jrtr70AVgD66mPhSRqaSj1krdbGiiGBVy4V%2FUyC2w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvlKe-eiyFaOWLGNFyZNZF27p-ZclUTq8Q8M8q60hnESsOzgbtZvG6omFfn3z2pOS4Z8_Jpa0P0cSFQunJrMVjFJVG4YaMEd1as22xmgIBV5yxzFnFcg1sEM8Nurqlc5jP7yvdRk4GE7NyTR-r8CeTzWxj_6i77nZk3o-KdspDeE1OqrkccamcFxyfkmmYZZRG1VXXmiiExMMLZ0C-Bwj-fNVberq-t8-a8CTWC29SayvDrKj-L-NczC6uKBUcHC1YdKpm2_a1zI7ZPoGzVpgTJNinjBPB18okypX69pQdDG3vhM-d9B0sct7QW7865nyStH6eJciU1kqRbWSwZgQUDe-tOdY5vvTvJUPxdN8tkomrPLGV_T16eN0ldi518Bt5ezuCz8HfupHCbo7zK-J5vUkZ8Ker07FBWpxmg5ybxhUfxAA06dNoowaQhpC8xTkdJPCcHVC8YLa8_Xo_vIeHe8M9UpGXQQxmy0jRIH26biTknSQQL3Ohv0OBNmUZ79PZXiBJHOs86LPyDDgjRDppxDDw_88zJ1itCFRJHlnX9EA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlM6BuMuZNrAHsi1-wav9rTgDsme0rFczaOW93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBKEDT9Dy2yjwda8yeGO5QWmmDfRwXKLAAlJqKJsyca_X1Esyyytkilc-g1MRzzNQEgf6EgvvGnkef5lOJruXmOpyKPE2grdIlkt3oXD2_nEBc6E5GvupkTGjWAWhcMxVtngQ6uvuUF8jw_kgKt_i3W5hKu-NMKTlWRHr4FlturfJ3uMrfBp34gNUXp56Yl_yJD00PPgaE5-r9hSxZIlG7B28-nJMqfBNno4ayzMFO_d84rR2Je9H2s6eQ56iRgl9q5qeo8T8sGNCrsNiqIjOkOm8MJjSJrb5U4KS0S-pJAgZpvQ2pwZNIrR7O3FUJLEJHKiK2urw6LkE9BnrSkcvLTxsgsgkmQv4qmeG9s3DyxRETO0Ob4IdvhHijA-ERw3gMxXa5oo-xXCLhimF_C7EEoyXB0sMhamNGGOY4JkpVwSSgXILz4wqycE1GsQhreu1-PQ6rxtCaClkR3RZdUqus-54HGkIzNdOchpt5RC0LJhN9R7xxaZsVd8o_phWMRJeRJou4rdgV6DMyflzmLJBdIJw9CUd0R1-o0XaL00ZN4N1lwfS4AQBgAaxq8ilwu-P2QigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10Rb4ihnSdGG6IUJUmZpl-0jpQ6w%26client%3Dca-pub-5876478872047758%26adurl%3D
Frame ID: BCD7F5B8C7706FDDA45B1A23333C0EB7
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9145FBD4057804085C060AC4CF7A8DF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB5FA9E56FB35B53DD9168588314C8C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Mail Sent To Noida News Channel Claims Plot To Assassinate PM Modi, UP CM Yogi — DETAILS | India News, Times Now

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

235
Requests

89 %
HTTPS

53 %
IPv6

49
Domains

97
Subdomains

80
IPs

12
Countries

3398 kB
Transfer

10671 kB
Size

59
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Timesnow

Search URL Search Domain Scan URL

URL: https://twitter.com/timesnow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/timesnow

Search URL Search Domain Scan URL

URL: https://www.letstalkgrowth.co.in/?utm_source=timesnownews&utm_medium=homepagegroup
Title: Let’s Talk Growth

Search URL Search Domain Scan URL

URL: https://indiadigitalfest.in/
Title: IDF

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi,%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS&url=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK-p_Qowq-D0Ag?hl=en-IN&gl=IN&ceid=IN:en
Title: Follow us on: News

Search URL Search Domain Scan URL

URL: https://apps.apple.com/in/app/times-network/id979120111

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.timesnowmobile.TimesNow

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 125

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 126

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 139

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3233307829599660863

Request Chain 140

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5313642e-e307-4000-abaa-97b74f62c764&gdpr=0&gdpr_consent=

Request Chain 142

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g

Request Chain 143

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4928928972027488064&gdpr=0&gdpr_consent=

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs6vgATsTw6OLTRomo3OfA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs6vgATsTw6OLTRomo3OfA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 146

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1904088446 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C

Request Chain 147

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2FmQVpFTkV5UHNUeUtXc251SHgtcDV3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=5719805236478613551&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRUFGODAtMDRFQy00RjBFLThFMkQtMzQ2ODlBOERDRTdD&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRUFGODAtMDRFQy00RjBFLThFMkQtMzQ2ODlBOERDRTdD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLsTav1E8hrbkpzhjltlNw&google_cver=1

Request Chain 151

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719805236478613551

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFt83AphmQVKPg5OUMLgx1g&google_cver=1

Request Chain 155

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZC7jBocOCv3dp42aYNqlvgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZC7jBocOCv3dp42aYNqlvgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENtQulX0e-ua_nXe0kBfjpE&google_cver=1

Request Chain 157

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB?us_privacy=

Request Chain 160

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4405112478713697268

Request Chain 164

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTkwM2Y5NWE3ZDc3ZDc4NGRkMzljNzUyMTU4OWM5MjYzOTdiZQ

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL_Ms2EkQtvNIVhfifR4BGc&google_cver=1

Request Chain 166

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=32kzvJ3MQoK26V0gWDPu2A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=32kzvJ3MQoK26V0gWDPu2A

Request Chain 167

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEc1OUtOQVEtSS1LRE9B HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOKbMZyIXAfnoMkDvirtZjs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc1OUtOQVEtSS1LRE9B&google_push=

Request Chain 168

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IQ2iy9LSTP-RejF1-wKlNg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IQ2iy9LSTP-RejF1-wKlNg

Request Chain 170

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG59KNAQ-I-KDOA

Request Chain 171

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/80liANl4hfg9H2325slSig?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-il2OBAdE2oJ2HXe3pvXyBUuznU3Y.9HObj41IQ--~A

235 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585 Show response
www.timesnownews.com/india/ 428 KB
95 KB 761ms
609ms Document
text/html 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d7f6b041eeb5b285adf64dee7391bd6a18fbde965a78985eb737e16da0a8ce41

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 96385
content-type: text/html; charset=utf-8
date: Thu, 06 Apr 2023 15:19:33 GMT
etag: W/"6b074-Oi/PAwroBiaYJgS0ssMcbbY6zvc"
expires: Thu, 06 Apr 2023 15:19:33 GMT
pragma: no-cache
redis-key: tnn_DESKTOP:/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
server: Bhoot
strict-transport-security: max-age=25920000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-response-time: 120.150ms
x-xss-protection: 1; mode=block

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

126ms
63ms

Script
application/x-javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2caf811318d269bd28dce1ea50a314ceaec1e20bc05a2a1ca3ffbd280534c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-md5: xchstqibIXh/2OitYLhsJw==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19435
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: Evg8F0ZqTbLY6NKI6AVoahIGwWMM0Klqm0XJUUf5W0BarXWiHc0soKd6bXlk+HUChV+51CZ+0wCc0HQzejGcyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 1c71b2d3e9b32439150ad5cd573f8206
cross-origin-opener-policy: same-origin-allow-popups
etag: "32996d5113d2823da17a2f024c084187"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:39:33 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Thu, 06 Apr 2023 15:19:33 GMT
x-fb-trip-id: 1425083115
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 79ms
19ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 15:19:33 GMT
Content-Encoding: gzip
Age: 1321
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/675D)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 dfpamzn.js Show response
www.timesnownews.com/ 6 KB
2 KB 48ms
47ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/dfpamzn.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a741eb6a7948e21ae14aa87a17470a79a9a7a64df4a0993a42fa7f0b9ed83ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 2088
x-xss-protection: 1; mode=block
x-response-time: 1.366ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"1957-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 154ms
105ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dd66327f3a9df4fdf0c9c601efa90c406e432f7007137467767115e19817bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25655
x-xss-protection: 0
server: cafe
etag: 770 / 19453 / m202303300101 / config-hash: 10004049301988528966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156537/445/ 526 KB
156 KB 71ms
20ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0dd73964e0d701c6ed31ada67ddfa6d69c4be7fca2bbe878994022549d2865c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 06:09:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=88137
accept-ranges: bytes
content-length: 158539
expires: Fri, 07 Apr 2023 15:48:30 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 80ms
21ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 14:24:35 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 20:18:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3299
x-amz-server-side-encryption: AES256
etag: W/"f3bdba5d8011fb0ade3d89050f53abe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: GYU-vB43cX6LN-OxdjQXzamBZgkDAJnevy1qcq69xcF95s6GlZRgTg==

GET
H2 200 onelink-smart-script-latest.js Show response
onelinksmartscript.appsflyer.com/ 86 KB
19 KB 170ms
36ms Script
application/javascript 2a02:26f0:3500:11::215:14de
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onelinksmartscript.appsflyer.com/onelink-smart-script-latest.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14de Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ef23651da5043776c8f1da1d593e3a7ce538b0d7706c0961a1687487deb647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 06:15:26 GMT
server: AmazonS3
x-amz-request-id: GHC124VDD4NTTFFA
etag: "3f486fde5fea2b89826d0348b68f8f47"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 19555
x-amz-id-2: Yr/7gwHkArsJPceeKklZYNoBNY7EPj35L9+z0TAtRvca6/vFCeHM+1QmeKaWpL4ud4zWlr4D2Vg=
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 india-flag.png
www.timesnownews.com/assets/images/ 599 B
887 B 45ms
44ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/india-flag.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

72f100a2a6a7cd2ccef3e79dbf46b5fa2821daf411ffd8e6429e4e6e62b26dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 0.959ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"257-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 599
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 sprite-global.svg
www.timesnownews.com/assets/icons/svg/ 92 KB
30 KB 41ms
41ms Other
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/assets/icons/svg/sprite-global.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

66019a14c7a446b614109364529f0fc53ebf28e9dafcd3771121e19bfc50270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 30561
x-xss-protection: 1; mode=block
x-response-time: 0.954ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"17076-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 logo-large.svg
www.timesnownews.com/assets/icons/svg/ 6 KB
3 KB 53ms
51ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/logo-large.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

80c1e1ac3c87115854e5bceffdf916959fb9278e9782dfb3124abe2b7dfb0379

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 2812
x-xss-protection: 1; mode=block
x-response-time: 29.441ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"16c5-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 short-video-logo.svg
www.timesnownews.com/assets/images/ 11 KB
5 KB 53ms
51ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/short-video-logo.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bdbaf7ad9623cbf4cf34c4748d7ac5d760097fde17b3f46a3ae8fd3fc35d7bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 4446
x-xss-protection: 1; mode=block
x-response-time: 7.339ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2c66-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 shorts-outline-Black.gif
www.timesnownews.com/assets/images/ 72 KB
73 KB 55ms
53ms Image
image/gif 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/shorts-outline-Black.gif

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

7a45e54b3007cf827926980231002644b7a75614e07febdecf41ed6ea47be063

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 0.971ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"120dc-185ce204338"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 73948
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 99287701.jpg
static.tnn.in/photo/msid-99287701,imgsize-26968,updatedat-1680761329989,width-1280,height-720,resizemode-75/ 22 KB
22 KB 245ms
56ms Image
image/webp 2a02:26f0:6c00::210:bb68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/photo/msid-99287701,imgsize-26968,updatedat-1680761329989,width-1280,height-720,resizemode-75/99287701.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a9c59d428ca2f246581987e8e3132db0c62e7e4ee64b823779940a2db0a32f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 26968
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31524948
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="466887_34650980_309120696_454_1614_45_0";dur=1
appgn: 17224409301231680761365959
content-length: 22272
x-xss-protection: 1; mode=block, 1; mode=block
expires: Fri, 05 Apr 2024 12:15:21 GMT

GET
H2 200 88386381.jpg
static.tnn.in/photo/msid-88386381/ 4 KB
5 KB 240ms
51ms Image
image/webp 2a02:26f0:6c00::210:bb68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/photo/msid-88386381/88386381.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6d60981e838ab9df007f58e3ab6a742bf6516d84b0204b838502fb951ddfa758

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 38965
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31291162
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466887_34650980_309120697_26_1578_45_0";dur=1
appgn: 17229387501231680406107516
content-length: 4124
x-xss-protection: 1; mode=block, 1; mode=block
expires: Tue, 02 Apr 2024 19:18:55 GMT

GET
H2 200 times-now.png
www.timesnownews.com/assets/images/ 714 B
1002 B 77ms
76ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/times-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

731574e91e9031c7cf84fc4eaa7d40a90bd3f0bc513e35ab1f1737c448f3fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 2.179ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2ca-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 714
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 times-now-navbharat.png
www.timesnownews.com/assets/images/ 882 B
1 KB 54ms
52ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/times-now-navbharat.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

46117cd5dd92a7c23f9b9abe02a533f3b625ee59a4d4d5758122c6382516f0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 29.643ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"372-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 882
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now.png
www.timesnownews.com/assets/images/ 706 B
994 B 65ms
63ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/et-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8b0b4cf19e0e192f51a39a51df8b709a1019d01a95115c99396ad7c612f92b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 0.955ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2c2-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 706
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now-swadesh.png
www.timesnownews.com/assets/images/ 939 B
1 KB 57ms
56ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/et-now-swadesh.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

a510677284d928d6efbc9b2f3e9d88fe1bc8f0be327da4f8d634a9ff04f573fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 60.922ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"3ab-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 939
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 mirror-now.png
www.timesnownews.com/assets/images/ 735 B
1 KB 78ms
77ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/mirror-now.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc4c79e8d7f87579fa81d44b5d6bbda4bbe652abd26c90b30d1cd7a4e4451b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 61.078ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2df-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 735
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 app-store-w.png
www.timesnownews.com/assets/images/OpenInApp/ 560 B
848 B 79ms
78ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/OpenInApp/app-store-w.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cf2f763bc558a79479c3151a2459902be51ee91e05806dfc4415f4e14ff66d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 7.771ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"230-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 560
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 play-store.png
www.timesnownews.com/assets/images/OpenInApp/ 725 B
1013 B 78ms
77ms Image
image/png 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/images/OpenInApp/play-store.png

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e57a30e2ef18d808a1afa350e0b33e22376ef7a5b341e7d791dbe6486f345882

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 3.314ms
pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"2d5-185ce204338"
content-type: image/png
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 725
x-xss-protection: 1; mode=block
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 arrow-right.svg
www.timesnownews.com/assets/icons/svg/ 395 B
572 B 77ms
77ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/arrow-right.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0c3f5dafbc4d89ff4ffc12e65464ed6b118fb6ebe2cf670552c24fa6ba3f42b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 261
x-xss-protection: 1; mode=block
x-response-time: 0.952ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"18b-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 3d276e090487a2efcd98ee2a6127d068ecb86418.js Show response
cdn.izooto.com/scripts/ 1 KB
858 B 81ms
31ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/3d276e090487a2efcd98ee2a6127d068ecb86418.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e038b4db16f5033bdca3ee0ecd9284afaf352695ffa5a32753fc996a12ebdf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 06:46:23 GMT
server: cloudflare
age: 894670
etag: W/"64213bbf-41f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7b3b0280ea619226-FRA
x-xss-protection: 1; mode=block
expires: Sat, 22 Apr 2023 15:19:33 GMT

GET
H2 200 bootstrap.f4e16498.js Show response
www.timesnownews.com/tnnassets/ 19 KB
6 KB 46ms
43ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/bootstrap.f4e16498.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

d60b84b7316948dc5d2c9c0e04cba3abcd0900169da2433f6923d8b116293376

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 6253
x-xss-protection: 1; mode=block
x-response-time: 1.194ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"4b19-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors.2410a677.chunk.js Show response
www.timesnownews.com/tnnassets/ 356 KB
116 KB 47ms
45ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

da9d46dc7ae9a2c535b65a6bdf23b7f731bfe6733571fe87cd9655fca86bde08

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 118452
x-xss-protection: 1; mode=block
x-response-time: 0.770ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"591fc-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 client.8c165f2d.chunk.js Show response
www.timesnownews.com/tnnassets/ 256 KB
62 KB 55ms
53ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/client.8c165f2d.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0adb2c0646a607411b429d7f7a35fc778d7c4e2cb1d0c30ca645cd5192f48aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 63056
x-xss-protection: 1; mode=block
x-response-time: 2.270ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"3ff98-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b031591e.95808959.chunk.js Show response
www.timesnownews.com/tnnassets/ 21 KB
8 KB 48ms
47ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b031591e.95808959.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

e93b7d5fabcfdc7f2e7966b3d2cfa76f322cc60d65c35d9ae1cfa155431abe7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 7334
x-xss-protection: 1; mode=block
x-response-time: 1.085ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"5412-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js Show response
www.timesnownews.com/tnnassets/ 16 KB
6 KB 77ms
76ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4ad86e4afd6ec129c99738488c425fca45522ddd0231c46564e1e071d59e3048

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5588
x-xss-protection: 1; mode=block
x-response-time: 1.221ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"40e0-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~6dbcacfe.9d856ab3.chunk.js Show response
www.timesnownews.com/tnnassets/ 20 KB
7 KB 74ms
73ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~6dbcacfe.9d856ab3.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

5ff815c2bbdba8aa147e44311990e054a5021de502e6cd79ffe7d04404ba9ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 6762
x-xss-protection: 1; mode=block
x-response-time: 1.007ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"5070-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js Show response
www.timesnownews.com/tnnassets/ 37 KB
9 KB 77ms
76ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

dd8909252c52dfef05074dcac3a82cfc39a5bd431a45011ec7a205fd4d570b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 9307
x-xss-protection: 1; mode=block
x-response-time: 1.331ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"9454-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 articleshow_desktop.db9a0819.chunk.js Show response
www.timesnownews.com/tnnassets/ 2 MB
357 KB 65ms
65ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

686f72e90972758db00d6a52914d2a8a5d849d4e12e4e871ca934d0bef17835d

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 364239
x-xss-protection: 1; mode=block
x-response-time: 1.951ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"191208-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 76ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64032556-12

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

693b1e29d7296d8231c4d6868f792b1389c3d933245371accb20b802c6146cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44973
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 103ms
57ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f60bc7dded1ffa50971ae8a96f0a40e206dd349ebb41078567851848dc001eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 web-sdk.js Show response
static.growthrx.in/js/v2/ 52 KB
14 KB 187ms
40ms Script
application/javascript 2a02:26f0:6c00:1bb::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.growthrx.in/js/v2/web-sdk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1bb::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

34b579173efce5b56acd1e45a832614f1ba6889e7898718625eb2f036e855231

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 14484
x-xss-protection: 1; mode=block
which-server: vsp4-grx
last-modified: Tue, 04 Apr 2023 18:13:32 GMT
server: Bhoot
etag: "642c68cc-cf9f"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400, public, max-age=14400
accept-ranges: bytes
expires: Tue, 04 Apr 2023 22:17:44 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 137ms
23ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 06:30:31 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 31743
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ajw5KWJr-UzCPqKXGepNhS-Lx8KsO0yqxlnGH9LQBfRjwaAoryNBhQ==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 144ms
23ms Script
application/x-javascript 2600:9000:2057:9600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 50951
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eCdCHRp-U4PoVrmI2edzDuq6cYVmo7wqjsxj_2aEkpyhhuQdi7jZdw==
expires: Fri, 07 Apr 2023 01:10:22 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 146ms
25ms Script
application/x-javascript 2600:9000:2057:9600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 01:13:30 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 50763
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5c6u9100pI20qPJHlShFNjgw9kF0pk3V2doiEgwmBFGt1wsW4z9f3Q==
expires: Fri, 07 Apr 2023 01:13:30 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 24ms
23ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.timesnownews.com&pubid=2202a6a5-32cd-4e86-a8b6-48b0a3829463
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:51 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 7902
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.timesnownews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: H_DslIsboQXiL2fdYkNAkjNRKnZCfpuDn1obeWg1HWe1EinlbvEjlg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
20ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding: gzip
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date: Wed, 05 Apr 2023 21:14:53 GMT
x-amz-cf-pop: FRA56-P6
age: 65081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Apr 2023 21:14:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OpUg6S6sEP9rNfhlonVLXPjJeXb16pZ_WbYGN937ddHWD5ekB2lRzA==

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js Show response
www.timesnownews.com/tnnassets/ 16 KB
6 KB 45ms
45ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~b959b96c.aaafc1eb.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/bootstrap.f4e16498.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

4ad86e4afd6ec129c99738488c425fca45522ddd0231c46564e1e071d59e3048

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5588
x-xss-protection: 1; mode=block
x-response-time: 1.221ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"40e0-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js Show response
www.timesnownews.com/tnnassets/ 37 KB
9 KB 53ms
52ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/vendors~articlelist_desktop~articlelist_desktop-Listing~articlelist_mobile~articlelist_mobile-Listin~c8939469.ed461ac0.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/bootstrap.f4e16498.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

dd8909252c52dfef05074dcac3a82cfc39a5bd431a45011ec7a205fd4d570b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 9307
x-xss-protection: 1; mode=block
x-response-time: 1.331ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"9454-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 articleshow_desktop.db9a0819.chunk.js Show response
www.timesnownews.com/tnnassets/ 2 MB
357 KB 52ms
52ms Script
application/javascript 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/bootstrap.f4e16498.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

686f72e90972758db00d6a52914d2a8a5d849d4e12e4e871ca934d0bef17835d

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 364239
x-xss-protection: 1; mode=block
x-response-time: 1.951ms
pragma: no-cache
last-modified: Wed, 05 Apr 2023 10:47:28 GMT
server: Bhoot
etag: W/"191208-18751075600"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 1419 320 KB
104 KB 20ms
20ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1880807
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Apr 2023 15:19:33 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 283 KB
67 KB 63ms
63ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/3d276e090487a2efcd98ee2a6127d068ecb86418.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb197f6f7bfd999dd8b16f4a17bbb3041d22ab7f8ed146a60cdcfb9190a7979

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 11:24:15 GMT
server: cloudflare
age: 186862
etag: W/"642c08df-46d66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7b3b02821bb19226-FRA
x-xss-protection: 1; mode=block
expires: Sat, 22 Apr 2023 15:19:33 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 397 KB
123 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14718
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Apr 2024 11:14:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 3 KB
696 B 98ms
56ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ddb1dfa87784ba6d20da067525e482da242947b01f73c478929590608bc3ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 671
x-xss-protection: 0
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 slikeloader.js Show response
tvid.in/sdk/ 7 KB
3 KB 161ms
34ms Script
application/javascript 2a02:26f0:480:39d::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/sdk/slikeloader.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/client.8c165f2d.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:39d::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05fb8eca3cac855529e8d64b4323aed56d9e4ae01148ee6ee7a9140941e3e9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
x-amz-request-id: GNFP1AN8AXWBCFAQ
x-amz-server-side-encryption: AES256
content-length: 2583
x-amz-id-2: 5HiMtn7RKw2Ql0wlg/FsH26tt3tnykmTPHe4dasU4cdO/Aose32iwCjYwJaMCnci6lBWh9AhX9M=
pragma: no-cache
x-amz-meta-server-side-encryption: AES256
last-modified: Wed, 05 Apr 2023 11:36:43 GMT
server: AmazonS3
etag: "a820d1e12cce598348754dc90beff58a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 jsso_crosswalk_legacy_0.6.8.min.js Show response
jssocdn.indiatimes.com/crosswalk/ 26 KB
6 KB 120ms
25ms Script
application/javascript 2a02:26f0:64:681::3621
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.6.8.min.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64:681::3621 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

65f471fef221d996710dc52325f851da7a84abb11e31349b8d9dbac03fb21688

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: gzip
x-cool: 88.38
content-length: 5681
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Jun 2021 08:30:00 GMT
server: Bhoot
etag: "69a0-5c4b5a9d24587"
x-frame-options: sameorigin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=13721124
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid
expires: Tue, 12 Sep 2023 10:44:57 GMT

GET
H2 200 timesnownews.com.1122574.js Show response
jsc.mgid.com/t/i/ 3 KB
2 KB 84ms
32ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeeb8dc0b990ac066d90f3ee37d372a4e4757ac06425797195b3d7af00afc76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
x-amz-version-id: dufhSGyoqEoe5v87hTeem5VRBdU9xCd2
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZWTDN1NM7AF2JEQC
age: 4511
cf-polished: origSize=2664
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: q6vVXotED6tbUhi/JPiwlG0pGaVYz/TXviYJ/9z2lCDzVBKbiZ1RS0j3IAsLjkSpoem8ir0txDI=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:06 GMT
server: cloudflare
etag: W/"e35ea0fae5b88dd7e2eefe884cbc397d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b3b0283eaeb3718-FRA
expires: Thu, 06 Apr 2023 18:19:33 GMT

GET
H2 200 timesnownews.com.1122598.js Show response
jsc.mgid.com/t/i/ 3 KB
1 KB 85ms
33ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1588d95d6698b243c121f7494595dab7b220e285baf9917a942ded852f307d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
x-amz-version-id: R3qjYSc1kFL9lqfLTWjH1bN1ZM4yQ5Y2
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 414G6N7E3619XN3M
age: 5066
cf-polished: origSize=2664
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6wXwwlzsKWI2e9jZpls61tN7GucNRCwRI/JZMXPhH4J6FS7gdkIT7zcpjQFJfptlu4ZissfIgeM=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:07 GMT
server: cloudflare
etag: W/"be0b9cb54feae14e8589370d52b3b915"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b3b0283eaec3718-FRA
expires: Thu, 06 Apr 2023 18:19:33 GMT

GET
H/1.1 200
OK locate Show response
geoapi.tnn.in/ 134 B
883 B 196ms
40ms XHR
text/html 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geoapi.tnn.in/locate
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f24aba3c3acdc3cff6194d7831432e690322ecc87eddd54e68088675b4ab129

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:33 GMT
Edgescape-API: geo_region=85,country_code=DE,region_code=HE,city=FRANKFURT,latitude=50.12,longitude=8.68, timezone=GMT+1 , continent=EU
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/html
Access-Control-Allow-Origin: https://www.timesnownews.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466887_34650926_76246611_18_911_38_-";dur=1
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept
Content-Length: 134
Expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 getcommentcount Show response
apiprod.timesnownews.com/api/comment/ 58 B
558 B 336ms
165ms XHR
application/json 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apiprod.timesnownews.com/api/comment/getcommentcount?msid=99287585&appKey=TNN

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

0c175f94fbe20da20efa4ef57dcb795b8083a1a6127802dc0e67b2625653bd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:34 GMT
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=4, ak_p; desc="466887_34650926_76246634_11918_6031_38_0";dur=1
content-length: 58
x-xss-protection: 1; mode=block
x-response-time: 1.213ms
server: Bhoot
etag: W/"3a-2H2E09fIkY9Afjmdp8LtmGUYwUQ"
x-frame-options: sameorigin
access-control-max-age: 86400
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-allow-credentials: false
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64032556-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 14:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 06 Apr 2023 16:05:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64032556-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f897f04b20f4362748a67f889e2f0445841235bc7082a84f2bdf4ae559930f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 19ms
19ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=26200502&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680794373764&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&c8=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&c9=
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: XjyP-k7rGWSS6t7z5RXK9Vnf1Ld4UPqlY0L8816NK1hYiYBpURrzPg==
x-cache: Miss from cloudfront

GET
H2 200 times-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
3 KB 44ms
41ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 2624
x-xss-protection: 1; mode=block
x-response-time: 0.967ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"1543-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
2 KB 45ms
42ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 1752
x-xss-protection: 1; mode=block
x-response-time: 0.986ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"13a7-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 99271262.jpg
static.tnn.in/thumb/msid-99271262,imgsize-1051391,width-300,height-168,resizemode-75/ 9 KB
9 KB 53ms
50ms Image
image/webp 2a02:26f0:6c00::210:bb68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/thumb/msid-99271262,imgsize-1051391,width-300,height-168,resizemode-75/99271262.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2f85d997063fdb80708677583880a46ad84458d7d04e4c9f66ddc29aa735f5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 1051391
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=31499743
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="466887_34650980_309121270_301_1703_48_0";dur=1
appgn: 17229387001231680736152560
content-length: 8804
x-xss-protection: 1; mode=block, 1; mode=block
expires: Fri, 05 Apr 2024 05:15:16 GMT

GET
H2 200 times-now-navbharat.svg
www.timesnownews.com/assets/icons/svg/ 15 KB
5 KB 44ms
43ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now-navbharat.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5084
x-xss-protection: 1; mode=block
x-response-time: 0.782ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3bc6-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 mirror-now.svg
www.timesnownews.com/assets/icons/svg/ 12 KB
5 KB 45ms
44ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/mirror-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 4392
x-xss-protection: 1; mode=block
x-response-time: 567.295ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"3008-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now-swadesh.svg
www.timesnownews.com/assets/icons/svg/ 13 KB
6 KB 43ms
42ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now-swadesh.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5485
x-xss-protection: 1; mode=block
x-response-time: 5.691ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"33cf-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 349ms
112ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=timesnownews.com&p=%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&u=Bqi4-xCZYCKVZmBBz&d=timesnownews.com&g=10538&g0=india&g1=surabhi.shaurya%40timesgroup.com&n=1&f=00001&c=0&x=0&m=0&y=4232&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&b=1504&t=DscIR1DzOpo4nh4-KC4i9MQCdbXZ-&V=139&i=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20In&tz=0&sn=1&sv=DI67trDVPu1GDqIZTiCH4u61BvTuUZ&sd=1&im=062b9f3f&_
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1419 663 B
605 B 241ms
201ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9ae4b1a84518d41111ae7ef5d9b84a10e5954667

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.timesnownews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 181
date: Thu, 06 Apr 2023 15:19:33 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 06 Apr 2023 15:19:33 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 8f7eec2cfba2d7d9
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 09927eb84eacc37238e86e0a03398496eb37c45cabc72360ca4e45dc5ed02bc7
content-length: 284

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 76ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-77TJDBEN7S&gtm=45je3430&_p=923380145&cid=747394426.1680794374&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680794373&sct=1&seg=0&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77TJDBEN7S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 279 B
559 B 180ms
117ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=timesnownews.com&domain=timesnownews.com&path=%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9feab3fefb0b32e8e59ee33031c8bc3918a76201441080fb072f93133ef9380d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 201
x-served-by: cache-hhn-etou8220072-HHN
x-timer: S1680794374.942193,VS0,VE97
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 04 Apr 2023 15:19:33 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 04F1 4 KB
1 KB 32ms
32ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2350262
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7b3b0284eead9226-FRA
content-encoding: br
content-type: text/html
date: Thu, 06 Apr 2023 15:19:33 GMT
expires: Sun, 07 May 2023 15:19:33 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 times-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
3 KB 56ms
56ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 2624
x-xss-protection: 1; mode=block
x-response-time: 0.967ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"1543-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now-swadesh.svg
www.timesnownews.com/assets/icons/svg/ 13 KB
6 KB 55ms
54ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now-swadesh.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5485
x-xss-protection: 1; mode=block
x-response-time: 5.691ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"33cf-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 et-now.svg
www.timesnownews.com/assets/icons/svg/ 5 KB
2 KB 53ms
53ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/et-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 1752
x-xss-protection: 1; mode=block
x-response-time: 0.986ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"13a7-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 times-now-navbharat.svg
www.timesnownews.com/assets/icons/svg/ 15 KB
5 KB 54ms
53ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/times-now-navbharat.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 5084
x-xss-protection: 1; mode=block
x-response-time: 0.782ms
pragma: no-cache
last-modified: Thu, 19 Jan 2023 08:20:45 GMT
server: Bhoot
etag: W/"3bc6-185c91db348"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

GET
H2 200 mirror-now.svg
www.timesnownews.com/assets/icons/svg/ 12 KB
5 KB 54ms
54ms Image
image/svg+xml 2a02:26f0:6c00::210:bb8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timesnownews.com/assets/icons/svg/mirror-now.svg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/vendors.2410a677.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb8a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 15:19:33 GMT
content-length: 4392
x-xss-protection: 1; mode=block
x-response-time: 567.295ms
pragma: no-cache
last-modified: Fri, 20 Jan 2023 07:41:39 GMT
server: Bhoot
etag: W/"3008-185ce204338"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:33 GMT

POST
H2 200 loggedInUser Show response
jsso.indiatimes.com/sso/crossapp/identity/web/ 136 B
4 KB 274ms
179ms XHR
application/json 2a02:26f0:6c00::210:bb29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Requested by

Host: jssocdn.indiatimes.com
URL: https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.6.8.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

ddfd865e7f12769fb2bda5bcaa84657980cae7117acc679be6877a2d318909b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
csrfToken
sdkVersion: 0.6.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json
IsJssoCrosswalk: true
Referer: https://www.timesnownews.com/
tksec
channel: tnweb
platform: WEB
ssec
csut
gdpr

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
date: Thu, 06 Apr 2023 15:19:34 GMT
x-cool: 88.17
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=7, ak_p; desc="466887_34650917_912544536_12574_6444_45_0";dur=1
content-length: 139
x-xss-protection: 1; mode=block
server: Bhoot
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr,Sec-FedCM-CSRF,Sec-Fetch-Site,Sec-Fetch-Mode,Sec-Fetch-Des
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid, captchatoken

OPTIONS
H2 200 loggedInUser
jsso.indiatimes.com/sso/crossapp/identity/web/ Frame 0
0 309ms
172ms Preflight 2a02:26f0:6c00::210:bb29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: channel,content-type,csrftoken,csut,gdpr,isjssocrosswalk,platform,sdkversion,ssec,tksec
Access-Control-Request-Method: POST
Origin: https://www.timesnownews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr, ssoid, captchatoken
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr,Sec-FedCM-CSRF,Sec-Fetch-Site,Sec-Fetch-Mode,Sec-Fetch-Des
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 06 Apr 2023 15:19:34 GMT
server: Bhoot
server-timing: ak_p; desc="466887_34650917_912544185_11871_6893_45_0";dur=1
strict-transport-security: max-age=25920000; includeSubdomains
x-cool: 88.19
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 timesnownews.com.1122574.es6.js Show response
jsc.mgid.com/t/i/ 246 KB
70 KB 58ms
56ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d753d7e4ff89a3ccb19db9079885345c3869bcfcd08118edbaacd605487fab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
x-amz-version-id: xuudXwUvx_u.2hLhpzMHaikVqisW7L2d
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZWT3JY2BQ58R2YB3
age: 4445
cf-polished: origSize=251873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZumRkR9sfmb8bCRcDFcWcSvzaFpneiZ7+dSO4QqE8RNABa0rNIlvLKLt58zQXG4zFOUu30yTdZ4=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:06 GMT
server: cloudflare
etag: W/"95a04fc3766360cb1ec4c8b3504c03ae"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b3b0284fc3c3718-FRA
expires: Thu, 06 Apr 2023 18:19:33 GMT

GET
H2 200 timesnownews.com.1122598.es6.js Show response
jsc.mgid.com/t/i/ 240 KB
69 KB 37ms
36ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ffb8aef851fbf4e52ae7523e046182dc7837cefc22f118ff715a4b8f130867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:33 GMT
x-amz-version-id: 93b7VGP.oov2_.ol6gum5IaSDlx73AIk
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 414MB25VMHVZXXN2
age: 5045
cf-polished: origSize=245875
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YV8L//JMTuRdxYCqANzkficeyq10OM/PEsUnISjA8coFKI91afrpLsoHmFojoAAJOaH8BUqW/ms=
cf-bgj: minify
last-modified: Thu, 06 Apr 2023 11:08:07 GMT
server: cloudflare
etag: W/"25bb40f0cb3a8bfe54aacf6973f55bc8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7b3b0284fc3d3718-FRA
expires: Thu, 06 Apr 2023 18:19:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 30ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=923380145&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ul=en-us&de=UTF-8&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=868788350&gjid=379221309&cid=747394426.1680794374&tid=UA-64032556-12&_gid=900473983.1680794374&_r=1&gtm=457e3430&cd1=99287585&cd2=2023-04-06&cd3=consumption&cd4=india&cd5=&cd6=Article&cd7=&cd8=&cd9=Original&cd10=surabhi.shaurya%40timesgroup.com&cd11=Times%20Now%20Digital&cd12=&jsscut=1&z=1637499345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 136ms
60ms XHR
text/javascript 13.32.106.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&pid=styeN7bjlj97d&cb=0&ws=1600x1200&v=23.331.1910&t=2000&slots=%5B%7B%22sd%22%3A%22div-u-id-1-1-99287585%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-3-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-7-btf_5-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%22%7D%2C%7B%22sd%22%3A%22div-u-id-1-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x90%22%2C%22970x90%22%2C%22980x200%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize%22%7D%2C%7B%22sd%22%3A%22out-of-page-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%221x1%22%2C%22336x280%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F21806551354%2FTN_English%2FDesktop%2FROS%2FTN_English_Desktop_ROS_Interstitial%22%7D%5D&pubid=2202a6a5-32cd-4e86-a8b6-48b0a3829463&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.106.197 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-106-197.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: J1GNMAFNH5WAZM2JJYW6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4NlmET-nl7WFoi8AxseSxv3dDf6osOrrqaDmO0eK5Q0CD23EjfDQxQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 79ms
26ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64032556-12&cid=747394426.1680794374&jid=868788350&gjid=379221309&_gid=900473983.1680794374&_u=YADAAUAAAAAAACAAI~&z=180077664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Apr 2023 15:19:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 400 / Show response
ow.pubmatic.com/cookie_sync/ 120 B
271 B 123ms
30ms XHR
text/plain 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL

https://ow.pubmatic.com/cookie_sync/?sec=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

Resource Hash

b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Thu, 06 Apr 2023 15:19:34 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-length: 120
content-type: text/plain; charset=utf-8

POST
H2 200 auction Show response
ow.pubmatic.com/pbs/openrtb2/ 212 B
299 B 123ms
32ms XHR
application/json 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fe16f6ce2698fde7c1103654b0b5d7f39541993822d0d5c92181c4dd629054bd

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Thu, 06 Apr 2023 15:19:34 GMT
access-control-allow-credentials: true
content-length: 212
content-type: application/json

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 5 KB
2 KB 237ms
151ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=433
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9907fc9d9d55b94d66759440f89dc09e0c70128c03045300ccdd1d31d98710cc

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timesnownews.com
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
394 B 121ms
50ms XHR
application/json 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 06 Apr 2023 15:19:34 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 808 B
3 KB 290ms
181ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17222&site_id=464020&zone_id=2727412&size_id=2%3B15%3B15%3B15%3B2&alt_size_ids=55%3B%3B%3B10%3B55&rf=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&tg_i.pbadslot=%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize&tk_flint=pbjs_lite_v6.29.3&x_source.tid=058e1b45-92ee-485a-8377-ebf2127f70ec%3Bb465e6f7-f49e-4a48-aa17-a142257d23ea%3Bdc5a0fe3-9041-4ce6-aa87-a2e96573670b%3Bb9b776b8-b44c-4c23-9704-7f07584fe529%3B6ba7a42b-b204-4a0d-88d6-c490f7a0e5bc&l_pb_bid_id=19fe3a995b7d736%3B206f49ee3cd5ef4%3B21240a3d6af2055%3B22bfd27be9231a2%3B235d2b1b8de6219&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Header%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_TOP_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_MID_1_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_RHS_Bottom_300%3B%2F21806551354%2FTN_English%2FDesktop%2FArticleShow%2FTN_English_Desk_AS_Bottom_Multisize&slots=5&rand=0.9408944386232536
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 00b189dceeb6f14649a6979dc813ddc5159549369cab461bb51c0294f5115fdf

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 171ms
29ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 194ms
51ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 171ms
28ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 172ms
29ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
www18.smartadserver.com/prebid/ 0
342 B 171ms
28ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www18.smartadserver.com/prebid/v1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 arj Show response
timesnetwork-d.openx.net/w/1.0/ 73 B
382 B 118ms
31ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=058e1b45-92ee-485a-8377-ebf2127f70ec%2Cb465e6f7-f49e-4a48-aa17-a142257d23ea%2Cdc5a0fe3-9041-4ce6-aa87-a2e96573670b%2Cb9b776b8-b44c-4c23-9704-7f07584fe529%2C6ba7a42b-b204-4a0d-88d6-c490f7a0e5bc&nocache=1680794374007&aus=728x90%2C970x90%2C980x90%7C300x250%7C300x250%7C300x250%2C300x600%7C728x90%2C980x90%2C970x90%2C980x200&divids=div-u-id-1-1-99287585%2Cdiv-u-id-1-2-0%2Cdiv-u-id-1-3-0%2Cdiv-u-id-1-7-btf_5-0%2Cdiv-u-id-1-5&aucs=%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_Header%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_TOP_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_MID_1_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_RHS_Bottom_300%2C%252F21806551354%252FTN_English%252FDesktop%252FArticleShow%252FTN_English_Desk_AS_Bottom_Multisize&auid=558907545%2C558907540%2C558907540%2C558907540%2C558907545
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6e409ad9cb9d6e73cdce8fd0f84c40329b34168cdeca1230bd371e0715b44d6d

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.timesnownews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 579 B
1 KB 92ms
28ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

076f74f8e97fbd22e086bc8f5537864a50a2fb36eb4d640752eb4681e72c5fc2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Apr 2023 15:19:34 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a47912b1-9b1d-4d2d-89fa-d577df5c0e2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.timesnownews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 100ms
45ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64032556-12&cid=747394426.1680794374&jid=868788350&_u=YADAAUAAAAAAACAAI~&z=752629858

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 94ms
44ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64032556-12&cid=747394426.1680794374&jid=868788350&_u=YADAAUAAAAAAACAAI~&z=752629858

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 3a8f121b-1d99-4bd6-b987-bc6b227aae25
https://www.timesnownews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/3a8f121b-1d99-4bd6-b987-bc6b227aae25
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 10ff3ec1-5fbb-4868-836e-706aab90fecd
https://www.timesnownews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/10ff3ec1-5fbb-4868-836e-706aab90fecd
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 9ed327a8-0459-4987-b800-22638239e44a
https://www.timesnownews.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/9ed327a8-0459-4987-b800-22638239e44a
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 30bcdab7-5ad7-4472-b73f-3fab94622397
https://www.timesnownews.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/30bcdab7-5ad7-4472-b73f-3fab94622397
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 90ms
35ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123698
x-xss-protection: 0
expires: Thu, 06 Apr 2023 15:19:34 GMT

GET
H2 200 1xfny336u9.json Show response
tvid.in/api/mediainfo/fn/y3/1xfny336u9/ 811 B
869 B 259ms
159ms XHR
application/json 2a02:26f0:480:39d::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/api/mediainfo/fn/y3/1xfny336u9/1xfny336u9.json?vj=105&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&mse=1&ajbit=00001&pw=300&ph=169&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sw=1600&sh=1200&cont=masterVideoPlayer1xfny336u9&gdprn=2&skipanalytics=2&sdk=1

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:39d::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

1c13806d0ae421c1e8c6fdf5fb3c5ca2fab8168a629da38a7f9321dd7de0af5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400 ; includeSubDomains
content-length: 459
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680794374316

GET
H2 200 tgbsl486web5ab8uukl9o.hls.spl.js Show response
tvid.in/sdk/ 658 KB
181 KB 34ms
34ms Script
application/javascript 2a02:26f0:480:39d::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/sdk/tgbsl486web5ab8uukl9o.hls.spl.js

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:39d::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4ab1e75878be136902195ffa060c7627f882debc0e507d3748c83958b5e0293

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
x-amz-request-id: GKGA9DC2AVYJ2YNP
x-amz-server-side-encryption: AES256
content-length: 184714
x-amz-id-2: Obw0VeWsnk/cM9SIvzIgW6323QAqCLAoirkGEpxvaV8oiJNxXTrnbpHcZQRA1FlbGegBerjBNgw=
pragma: no-cache
last-modified: Wed, 29 Mar 2023 09:50:16 GMT
server: AmazonS3
etag: "70686ad089cbd463d8130bcdbb1e02de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:34 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 36ms
36ms Script
text/plain 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1680794374161535656244&ogtitle=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS&uniqId=17c36&childs=1310961,1379466,1427666&lct=1680739200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=642ee306-17beb&pageView=1&pvid=1875726d01191f8dc7d&site=511795&implVersion=11&dpr=1&tfre=975
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b3b02869e5b3718-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content dc52ddf2-90f2-4b27-bb44-f3f4f56ebf7c
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/dc52ddf2-90f2-4b27-bb44-f3f4f56ebf7c
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 2a60c8c0-b9e6-4af9-a558-01c603bf5437
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/2a60c8c0-b9e6-4af9-a558-01c603bf5437
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 33ms
31ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4ZA9P7VPAM79SEE5
age: 1245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b3b0286bea73718-FRA
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
885 B 31ms
30ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b3b0286bea53718-FRA
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
992 B 33ms
32ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4ZA9P7VPAM79SEE5
age: 1245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b3b0286ceb73718-FRA
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
581 B 29ms
29ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 5983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b3b0286ceb83718-FRA
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1122598/ 9 KB
3 KB 207ms
206ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1122598/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1680794374238896602091&ogtitle=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS&uniqId=17c36&childs=1310961,1379466,1427666&lct=1680739200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=600&h=646&maxw_3=194&maxh_3=192&sz=194x192&szp=1,2,3,4,5,6,7,8,9&szl=1,2,3;4,5,6;7,8,9&cols=3&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=642ee306-17beb&pageView=1&pvid=1875726d01191f8dc7d&implVersion=11&dpr=1&tfre=1051
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122598.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021fe4673cb0762e9c4c45ad7a0c6a2b69db05f42408073fd32ce4ab81d1c7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b3b02870f253718-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1122574/ 1 KB
920 B 58ms
58ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1122574/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=600&h=199&maxw_1=600&maxh_1=176&sz=600x176&szp=1&szl=1&cols=1&pv=5&cbuster=1680794374250971493932&uniqId=0a2c6&childs=1427656&lct=1680739200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&lu=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&sessionId=642ee306-17beb&pageView=0&pvid=1875726d01191f8dc7d&implVersion=11&dpr=1&tfre=1063
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/i/timesnownews.com.1122574.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619b438c0edb8dd5482148fc76901f1af39be7a61d7c77568c1ac9c6988c8e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b3b02872f3f3718-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 pixel
tvid.in/log/ 43 B
428 B 162ms
161ms Ping
image/gif 2a02:26f0:480:39d::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/log/pixel?lts=1680794374159&vj=108&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&ss=&pfs=153

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/slikeloader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:39d::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680794374374

GET
H2 200 89109097.jpg
static.tnn.in/thumb/msid-89109097,width-390,height-200,resizemode-75/ 4 KB
4 KB 48ms
48ms Image
image/webp 2a02:26f0:6c00::210:bb68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tnn.in/thumb/msid-89109097,width-390,height-200,resizemode-75/89109097.jpg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

5c6442b9ddd1a32ac3df7be8e7b134105a5a0a74030d934a891bc05ba5a69388

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin, sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:34 GMT
x-content-type-options: nosniff, nosniff
server: Bhoot
etag: 138133
x-frame-options: sameorigin, sameorigin
content-type: image/webp
imagemagick_im4java: 1
cache-control: public, must-revalidate, max-age=30796502
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466887_34650980_309121899_79_1571_45_0";dur=1
appgn: 17229387501231680018541795
content-length: 3820
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 28 Mar 2024 01:54:36 GMT

GET
BLOB 206
Partial Content 01689f6f-2aaa-4259-8cc3-bd66c925794f
https://www.timesnownews.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.timesnownews.com/01689f6f-2aaa-4259-8cc3-bd66c925794f
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 2C8B 0
91 B 36ms
30ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 06 Apr 2023 15:19:34 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 47CD 3 KB
2 KB 74ms
24ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 572
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7b3b02881d1d90d7-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Thu, 06 Apr 2023 19:19:34 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0AF6 52 KB
17 KB 85ms
18ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 29134
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 06 Apr 2023 15:19:34 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1855, 280162
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220056-HHN
X-Timer: S1680794374.430740,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 544B 281 B
554 B 188ms
117ms Document
text/html 104.126.125.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-125-209.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Apr 2023 15:19:34 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F4C3 16 KB
6 KB 20ms
20ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=38914
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Fri, 07 Apr 2023 02:08:08 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 101ms
30ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 74ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.timesnownews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 491ms
490ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=366488744759348&correlator=1329419129417534&eid=31072019%2C31070233%2C44777897&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=21806551354%2CTN_English%2CDesktop%2CArticleShow%2CTN_English_Desk_AS_Header%2CTN_English_Desk_AS_RHS_TOP_300%2CTN_English_Desk_AS_RHS_MID_1_300%2CTN_English_Desk_AS_RHS_Bottom_300%2CTN_English_Desk_AS_Bottom_Multisize%2CROS%2CTN_English_Desktop_ROS_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F9%2F10&prev_iu_szs=728x90%7C970x90%7C980x90%2C300x250%2C300x250%2C300x250%7C300x600%2C728x90%7C980x90%7C970x90%7C980x200%2C1x1&ifi=1&adks=598348027%2C3949188650%2C63681998%2C4155832848%2C74907901%2C3356420019&didk=4172021985~3940000028~3939999173~609053513~490242270~1332961640&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D525e4c8bff89207%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D5393c9d5778dedc%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D54c89365794a205%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D5591c7b90f95f94%26pwtbst_pubmatic%3D1%26pwtecp_pubmatic%3D0.03%26pwtsz_pubmatic%3D300x600%26pwtsid%3D5591c7b90f95f94%26pwtbst%3D1%26pwtecp%3D0.03%26pwtpid%3Dpubmatic%26pwtpubid%3D156537%26pwtprofid%3D445%26pwtverid%3D35%26pwtsz%3D300x600%26pwtplt%3Ddisplay%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D563af9c5050509e%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D57840697f7cfe37%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=section%3Dindia%26page%3Darticle%26keyword%3DPlottokillPMMOdi%252CThreateningemailtokillcmyogi%252CNoidanews%252Cnoidanewstoday%252CIndiaNews%252CTimesNow%26articleid%3D99287585%26article_sequence%3D0%26platform%3Ddesktop&sc=1&cookie_enabled=1&abxe=1&dt=1680794374399&lmt=1680794374&dlt=1680794373070&idt=862&adxs=436%2C1061%2C1061%2C1061%2C436%2C-9&adys=50%2C527%2C1890%2C3004%2C3923%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&frm=20&vis=1&psz=1160x90%7C298x250%7C298x250%7C298x600%7C1160x200%7C0x-1&msz=1160x90%7C298x250%7C298x250%7C298x600%7C980x200%7C0x-1&fws=0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=747394426.1680794374&ga_sid=1680794374&ga_hid=923380145&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b365b4e93297ed7b4b20a2aabf3a32f791fb8cdfdd44ff06297968f0fba9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12575
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9455 6 KB
3 KB 92ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Fri, 05 Apr 2024 15:19:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 33 KB
12 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aefb4605e33667c5eab919352461823eb85bb1269482bc2c58d1446e1fe71b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69553
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11892
x-xss-protection: 0
server: cafe
etag: 14369727199939890373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Apr 2024 20:00:21 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F4C3 2 KB
3 KB 121ms
33ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70995845&p=156537&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 797b3ba3847ad7a2f9e57d80c2facf4a4a54e1ee800a61ccba38faec60b5471e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 15:19:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 pixel
tvid.in/log/ 43 B
428 B 161ms
161ms Ping
image/gif 2a02:26f0:480:39d::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://tvid.in/log/pixel?lts=1680794374159&vj=497&pfM=1680794374446&apikey=tgbsl486web5ab8uukl9o&k=1xfny336u9&mstime=1680794374446&ss=1xfny336u9.1680794374316.94.6300&pfc=4&livet=1&pw=300&ph=169&viewport=100

Requested by

Host: tvid.in
URL: https://tvid.in/sdk/tgbsl486web5ab8uukl9o.hls.spl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:39d::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
geo: DE
server: Bhoot
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.timesnownews.com
access-control-expose-headers: geo
x-frame-options: sameorigin
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
x-time-ms: 1680794374499

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=923380145&t=event&_s=2&dl=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&ul=en-us&de=UTF-8&dt=Threat%20Mail%20Sent%20To%20Noida%20News%20Channel%20Claims%20Plot%20To%20Assassinate%20PM%20Modi%2C%20UP%20CM%20Yogi%20%E2%80%94%20DETAILS%20%7C%20India%20News%2C%20Times%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Live%20TV&ea=Player%20Error&el=Times%20Now%7C1xfny336u9&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=747394426.1680794374&tid=UA-64032556-12&_gid=900473983.1680794374&gtm=457e3430&cd1=99287585&cd2=2023-04-06&cd3=consumption&cd4=india&cd5=&cd6=Article&cd7=&cd8=&cd9=Original&cd10=surabhi.shaurya%40timesgroup.com&cd11=Times%20Now%20Digital&cd12=&jsscut=1&z=893356078

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76462
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 563 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d756007634d0d47c5d681421e9df6e138995fe0f247c5c17f87277fb66a1092

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1EC0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

24ms
24ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: f5b2c402fd409d42a6004166d6bb4072cce6256c4c95f7f071c5bcc359013386

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1736
Content-Type: text/html
Date: Thu, 06 Apr 2023 15:19:34 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 06 Apr 2023 15:19:34 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 0AF6
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
933 B

28ms
27ms

Script
text/html

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
AN-X-Request-Uuid: 8d17fa68-923d-4878-92d6-8dd9efd94b2b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
AN-X-Request-Uuid: 142ae78a-a305-4e1b-bf9d-f826570275dd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvOTgwMjIvMDdjOTE5YjkwYWU3NGExMDU1OWQ4ZjQwM2RlMTE4NDguanBn.webp
s-img.mgid.com/g/14609422/492x277/0x0x492x277/ 15 KB
15 KB 77ms
33ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609422/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvOTgwMjIvMDdjOTE5YjkwYWU3NGExMDU1OWQ4ZjQwM2RlMTE4NDguanBn.webp?v=1680794374-BQ50EbJys5RkkmS_zG67K_fTsvegHqekzLL_Af2tSoA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d70a4a2a7922c9d02554ddf6fb2a4b4da58f003918251c6cbbadf9f6040878

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 14:22:02 GMT
x-mg-request-uuid: 691ea00e-0c8d-4354-9acb-b01b100a1265
server: cloudflare
age: 1839113
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288efe8926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14944

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 99ms
52ms Script
application/javascript 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/tnnassets/articleshow_desktop.db9a0819.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c322d2185869dcf510003ef20fc71c9a13fb3567ce6bc111f33f21636e7f951

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7g1cedTD70QYGDLAP3BUlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7g1cedTD70QYGDLAP3BUlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 06 Apr 2023 15:19:34 GMT

GET
H2 200 492
img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/ 16 KB
17 KB 110ms
42ms Image
image/jpeg 2606:4700:3038::6815:eb89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/492
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Mar 2023 11:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641301f5-c10d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mtB5nBO%2FqvVL6%2FVzh63am85MlwHL%2BfcGtF51rGY6ox1pCcokz%2BG4P3uHZrSI5uT1MQRYXnxlebWPubPmu5gZFSSvvAuCCsET02Z4SAtFu5yctvMFeR3vsf4anSeY5tCIMTcTzkKgwMU23Cf9xATRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7b3b02891ffd3a49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16851
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNzMyNjIvMjk3Y...
s-img.mgid.com/g/15771943/492x277/-/ 31 KB
31 KB 88ms
56ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15771943/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNzMyNjIvMjk3Yjg5NWU1MTA4YjlkZWQ0NzlkYjU5Zjc3NGMwYjIuanBn.webp?v=1680794374-AjWzRM6KPRtifZRg663FKRMvnXfEDdhrKVkylhsY7fA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d94c080fb79b680bfe06e973326cd7310c01a177a44d439b47cd6e4c20bd53

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 01:04:57 GMT
x-mg-request-uuid: 7c3ce84e-b0e2-43b4-a8af-e2c433e7a80d
server: cloudflare
age: 648838
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288eff0926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31258

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy85ODAyMi8yZTFkMTEzMGZkZmNhY2YyZ...
s-img.mgid.com/g/14609377/492x277/-/ 5 KB
6 KB 65ms
32ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609377/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy85ODAyMi8yZTFkMTEzMGZkZmNhY2YyZTkzMzliZTQ3MTRmNWZmNS5qcGc.webp?v=1680794374-N5JuuTAJeyYIKvlZ13aZhz6SGc54Cali25BbQK2_0hA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90e7bd1d0187490f546431f0caa98a9109fe1c1024efd417acd98e38ee1dd73

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 17:28:08 GMT
x-mg-request-uuid: 9a17c9de-e7c9-4a86-9886-4b2fabeef2e2
server: cloudflare
age: 1838646
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288efeb926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5250

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8zNzMyNjIvNGM3O...
s-img.mgid.com/g/13783115/492x277/-/ 14 KB
14 KB 84ms
52ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13783115/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8zNzMyNjIvNGM3OTM4OTNjN2FkMDVhZWY2NDRmMzg5ZGU5MzM2ZGUuanBn.webp?v=1680794374-x3D57azKNqyrQKNVucOMRzREoM1_mRYqFKCOpFg0FYE
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186812cd80f3f8fc9cf6451df14067638a5af07180af18cf2ea382861b775137

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:41:34 GMT
x-mg-request-uuid: 81fec36a-bdbc-42df-b4e2-2cf69e5bd4ce
server: cloudflare
age: 2147541
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288efec926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13906

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTA0LHlfMjkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3L...
s-img.mgid.com/g/13612050/492x277/-/ 16 KB
16 KB 86ms
54ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13612050/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTA0LHlfMjkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM1NTIyOS84YjEwOTNhMWNkMWM0ZmMwMTBiYjI3NjY0YTQ3NDExZi5qcGc.webp?v=1680794374-lijOiYLApWrs5Fz0V_9cGsIsLiQREk-PRcxiX3gl4Hw
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69198458f0e562635b7fc1c942f88bc1451cb315bd41c4e3dd9a997b3dd5fa70

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 20:48:56 GMT
x-mg-request-uuid: 9fbb325e-cdee-4840-93b4-3cbd57ecbf6a
server: cloudflare
age: 3192926
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288efee926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16236

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvMmJlZjk2MGVkYzgzYTc4NGM0OTM3YjRlYTI2YjQwOGIuanBn.webp
s-img.mgid.com/g/14592825/492x277/33x1x758x426/ 17 KB
17 KB 66ms
35ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14592825/492x277/33x1x758x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvMmJlZjk2MGVkYzgzYTc4NGM0OTM3YjRlYTI2YjQwOGIuanBn.webp?v=1680794374-vFm9bDy-p8c940SX7qkgYZzEonMRGOvInszp1oqVxLg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77321b91c3194589463793cef1ac42b4e2374a51146e4bc3d5a486077ff1f217

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 08:47:52 GMT
x-mg-request-uuid: bff00d34-6c26-4792-86fe-091bc1c424b9
server: cloudflare
age: 1823339
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288efed926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17416

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zNzMyNjIvZjg5N...
s-img.mgid.com/g/13387976/492x277/-/ 18 KB
18 KB 47ms
47ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13387976/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zNzMyNjIvZjg5N2RkNTczODMyNTJmYmM5ZTVkNDIzZWIzZjRjNzAuanBn.webp?v=1680794374-qYgOiby_bXgkS1oAhYRIINEKUfbmlmnuRMT65P4T1M0
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d77929611a49cee720db03cfa320d1a7adc96ba5ab75d005bf2900a71538c97

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Jan 2023 13:46:53 GMT
x-mg-request-uuid: fcf46061-417a-46a7-a707-07ddb9751b2c
server: cloudflare
age: 5105876
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288fffb926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18220

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvODY0NmZkMTM3ZWRmY2U1MDgwM2Y1MDQyNTk2MmRmMTkuanBn.webp
s-img.mgid.com/g/14609400/492x277/0x54x650x365/ 26 KB
26 KB 47ms
47ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14609400/492x277/0x54x650x365/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvOTgwMjIvODY0NmZkMTM3ZWRmY2U1MDgwM2Y1MDQyNTk2MmRmMTkuanBn.webp?v=1680794374-i5xivH9biox05PMK4ByEE8j-OxjNH5cFVVpxOhMvs7U
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c81fb12693302c027fb6f81b8afe5c36f9a187ea9c11d98d3a47e40024f3705

Request headers

Referer: https://www.timesnownews.com/
Origin: https://www.timesnownews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Dec 2022 15:48:33 GMT
x-mg-request-uuid: 65b40321-5043-4261-8cfd-54fc270188d9
server: cloudflare
age: 1838725
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3b0288fffc926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26218

GET
H3 200 int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 1 KB
978 B 32ms
31ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5FEWVNTYH4XY0BX8
age: 3302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k+adrVf6bTi5y7VcvktaWl+n9ltNdRx9sZBU8f4ad0wBtKi7Xf3T8iY0buFEhPUzuRmwL7VROLM=
last-modified: Mon, 04 May 2020 12:16:53 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7b3b0288bc440418-FRA
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 544B 34 KB
10 KB 26ms
26ms Script
text/html 104.126.125.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-125-209.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 247198729eb208f121bb2afb84209287356fca8b7c0f31ccad61caf36936ae92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 15:19:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 19:42:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=15744
Connection: keep-alive
Content-Length: 10015
Expires: Thu, 06 Apr 2023 19:41:58 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3611
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3233307829599660863

42 B
195 B

33ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3233307829599660863
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3233307829599660863
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 86F9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5313642e-e307-4000-abaa-97b74f62c764&gdpr=0&gdpr_consent=

42 B
325 B

26ms
26ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5313642e-e307-4000-abaa-97b74f62c764&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 06 Apr 2023 15:19:35 GMT
Expires: Thu, 06 Apr 2023 15:19:34 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 776 936c8db master hkg-pixel-x5 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5313642e-e307-4000-abaa-97b74f62c764&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 782A 43 B
363 B 95ms
25ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:33 GMT
expires: Thu, 06 Apr 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 271009
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FD9F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g

42 B
423 B

102ms
32ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2E34
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4928928972027488064&gdpr=0&gdpr_consent=

42 B
298 B

74ms
27ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4928928972027488064&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 105d3008-da87-474e-b7d1-3c317bad181a
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Apr 2023 15:19:34 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4928928972027488064&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F4C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs6vgATsTw6OLTRomo3OfA%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs6vgATsTw6OLTRomo3OfA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

20ms
19ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=38914
accept-ranges: bytes
content-length: 5554
expires: Fri, 07 Apr 2023 02:08:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame F4C3 49 B
264 B 141ms
43ms Image
image/gif 54.154.146.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.146.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-146-140.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.2
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame F4C3
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1904088446
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C

0
284 B

77ms
28ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:33 GMT
via: 1.1 google
last-modified: Thu, 06 Apr 2023 15:19:34 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C
date: Thu, 06 Apr 2023 15:19:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame F4C3
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2FmQVpFTkV5UHNUeUtXc251SHgtcDV3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=5719805236478613551&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

113ms
112ms

Image
image/png

54.225.127.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: HTTP/1.1
Server: 54.225.127.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-127-60.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 15:19:35 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 06 Apr 2023 15:19:35 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRUFGODAtMDRFQy00RjBFLThFMkQtMzQ2ODlBOERDRTdD&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRUFGODAtMDRFQy00RjBFLThFMkQtMzQ2ODlBOERDRTdD&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

56ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F4C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLsTav1E8hrbkpzhjltlNw&google_cver=1

42 B
298 B

57ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLsTav1E8hrbkpzhjltlNw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLsTav1E8hrbkpzhjltlNw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F4C3 43 B
612 B 91ms
27ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 05 Apr 2023 15:19:34 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F4C3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719805236478613551

42 B
449 B

83ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719805236478613551
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5719805236478613551
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F4C3 70 B
265 B 155ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1EC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFt83AphmQVKPg5OUMLgx1g&google_cver=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFt83AphmQVKPg5OUMLgx1g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFt83AphmQVKPg5OUMLgx1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1EC0 70 B
264 B 144ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1EC0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

132ms
132ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VMTPSF0QHRSTBF7CGF4K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AKRT7SJHR2AYNDD8K5ZQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1EC0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZC7jBocOCv3dp42aYNqlvgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZC7jBocOCv3dp42aYNqlvgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENtQulX0e-ua_nXe0kBfjpE&google_cver=1

43 B
632 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENtQulX0e-ua_nXe0kBfjpE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENtQulX0e-ua_nXe0kBfjpE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1EC0
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB?us_privacy=

43 B
602 B

145ms
49ms

Image
image/gif

2a05:d018:d29:3601:26a7:915d:b928:9358
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB?us_privacy=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

2a05:d018:d29:3601:26a7:915d:b928:9358 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZC7jBocOCv3dp42aYNqlvgAADQQAAAIB?us_privacy=
date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 1EC0 43 B
433 B 187ms
43ms Image
image/gif 52.30.78.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-52.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1EC0 0
75 B 152ms
30ms Image
text/plain 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1EC0
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4405112478713697268

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4405112478713697268
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4405112478713697268
pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1EC0 43 B
353 B 81ms
26ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZC7jBocOCv3dp42aYNqlvgAA%263332
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.timesnownews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 63513
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b3b02898f5b2bb9-FRA
content-length: 43
expires: Fri, 07 Apr 2023 15:19:34 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FrPr9iKTYAlQTgSsnCyrlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FrPr9iKTYAlQTgSsnCyrlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 06 Apr 2023 15:19:34 GMT

GET
H2 403 status Show response
accounts.google.com/gsi/ 37 B
531 B 87ms
86ms XHR
application/json 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=516427900873-frpulpnsvv3886s9vlsc2pvq2nhj0uvg.apps.googleusercontent.com&as=e%2B%2FqRDl62%2F0A%2FivOHl70Pg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8300329d489464127469486667ead54ac1bdd6f27daec99b37e49696f1ceec1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-NgaWYV3mrAVufVnAB3fZvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-NgaWYV3mrAVufVnAB3fZvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTkwM2Y5NWE3ZDc3ZDc4NGRkMzljNzUyMTU4OWM5MjYzOTdiZQ

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTkwM2Y5NWE3ZDc3ZDc4NGRkMzljNzUyMTU4OWM5MjYzOTdiZQ

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTkwM2Y5NWE3ZDc3ZDc4NGRkMzljNzUyMTU4OWM5MjYzOTdiZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 544B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL_Ms2EkQtvNIVhfifR4BGc&google_cver=1

0
239 B

95ms
20ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL_Ms2EkQtvNIVhfifR4BGc&google_cver=1
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL_Ms2EkQtvNIVhfifR4BGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 544B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=32kzvJ3MQoK26V0gWDPu2A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=32kzvJ3MQoK26V0gWDPu2A

43 B
479 B

111ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=32kzvJ3MQoK26V0gWDPu2A

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QMJB2NDASJT60B6JBZVC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=32kzvJ3MQoK26V0gWDPu2A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 544B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEc1OUtOQVEtSS1LRE9B
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOKbMZyIXAfnoMkDvirtZjs&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc1OUtOQVEtSS1LRE9B&google_push=

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc1OUtOQVEtSS1LRE9B&google_push=

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEc1OUtOQVEtSS1LRE9B&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 544B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IQ2iy9LSTP-RejF1-wKlNg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IQ2iy9LSTP-RejF1-wKlNg

43 B
720 B

127ms
126ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IQ2iy9LSTP-RejF1-wKlNg

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B426J5GKC47TYTKQT6AP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IQ2iy9LSTP-RejF1-wKlNg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 544B 70 B
264 B 49ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 544B
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG59KNAQ-I-KDOA

0
653 B

791ms
741ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG59KNAQ-I-KDOA
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B183DEF3F27E4D61B01FC1A39C3423D5 Ref B: DUS30EDGE0417 Ref C: 2023-04-06T15:19:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4rG+xhgEbonTnV6JXeA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LG59KNAQ-I-KDOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 544B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/80liANl4hfg9H2325slSig?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-il2OBAdE2oJ2HXe3pvXyBUuznU3Y.9HObj41IQ--~A

0
239 B

23ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-il2OBAdE2oJ2HXe3pvXyBUuznU3Y.9HObj41IQ--~A
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-il2OBAdE2oJ2HXe3pvXyBUuznU3Y.9HObj41IQ--~A
content-length: 0

GET
H2 200 container.html Show response
a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CD1 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Fri, 05 Apr 2024 15:19:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E93 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Fri, 05 Apr 2024 15:19:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5CD1 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXrgRBuMuZNbAHsi1-wav9rTgDsme0rFc1Z2R93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBI0DT9BdX2bFFoRBn1x8S4wG1p3gOQP9Q_XT7QwzSOFSWLQi001jVVdCbm6z58FdStxi9MPXOaHgvUNnXbKjnaW36SHmNp_usAllsYuBoM0wt4Cfn1UeQDT4bP1_GMao1xcFbTYljQbbJsYmb6ScmKeI3cf7kR475Ax5oMIwbsQ2CwI60YdZshS0q4aa3h5F2F9PU1WDEqfQ3XDgzU0R6rFoX365BfdJApBR5QJRzx9yuIYcamaMM3DspYNWhaE4g93jij90C_zLjdIpyPcoLBQUDyp-UXdnpkUwloW7OlmFGTnGck0JW_jF-dh-N8L9cTi-ol0CvzPAIhluHdRMfD-dyjdPGEGoyYlh1NvPqdzCJ4FIPoTvCgrWpYdZT4nleLSUth2DTA_qIShpwz-MyeA7Hl_OdJzOdJXAlyn67AlQ6HnGrnbGIP6F4_RnNGsUM73BgKTlPrELbLUaSMx4m3NhDTSyeZMKMswRpW_CUpSmAqOXazooonNyeQ3KzmGcxXGzrYqcgwncu7i8h6rhMOAEAYAG2bSkpNye4dXFAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg3NjQ3ODg3MjA0Nzc1OBiXzHA&sigh=SGsDp0jjjuo&uach_m=[UACH]&cid=CAQSSwDUE5ym7-heRBWtjKFMcPAzLaM-WkwYjTVJQCD3ohBXeZDHeCpTRpLnOZO9gy2q-tjfGHwtgEbp8mi43K1F-nJ2uGPcEu9VR7EfyRgB
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5CD1 0
0 96ms
32ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6LpFK60E9QHWp2DYgICAAAAQBNsGwy8EmHqMWwYALoFlhAF4y5kPdg0zXJjxxCS8QAAEgAACgpBUVVCRHdFQkR3&wp=ZC7jBgAHoFYK3trIAA07L8C1WY9ze01m9VF99g

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 149599
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E7FF 105 KB
39 KB 134ms
65ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFYK3trIAA07L8C1WY9ze01m9VF99g&u=%7CC7Jrtr70AVgA%2F5fD9UUZCaD3w%2Ft5cjCJ%2BCChsRRfl9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SSF2iDXoOgiUsev6AkWZhvYejRA8VzOzRevlAPY6tgnjJWbHa_GrCWv6UxVM4yf4umnIPteApTtKhAp2v4BLwAdGMeYQxTIH0UdmjXEchRj7S18vLw_WeaqKd_TmvPQWrF76jvQsEFDzdwf0uBscXxASv0DWhd-y4kgqX5wjkCDCWaorIGLRm4z83uqwqVOeTp_jfv5Ovc7VgQvOysJrOhYsAjRVKoq8LGt8rlplA2BtHaTj1pI78sW7_SqMmuUpOB2kL2DNbnAYfxSfDbcSQuwjr9SOHOSqIZRL-Tug1IcB8nhgs6-a3kwMJcBlVYI2tskVMKHLbeFVNIdopC6jRLKG-WX4GdhJTiyF0dbXx62LMaGEZp7b8PC1QqCJQEG4BNpIbXV51nIPO4KtnoiEj6oRlbc2vwcvdfKvA54LI-oogEyd59zpgKPNSIyVNVxk8jqWBUXqceJx7Yw7CY-8JlCgHdFgRUdeB5JH9poFuts9XAgtMsJ25tVv0ZcwgzclZ3aPyTyl0Wom68P1I2imBfwqZoBgCx3RXyAv9k6FOWvw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHvhMBuMuZNbAHsi1-wav9rTgDsme0rFc1Z2R93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBJADT9BdX2bFFoRBn1x8S4wG1p3gOQP9Q_XT7QwzSOFSWLQi001jVVdCbm6z58FdStxi9MPXOaHgvUNnXbKjnaW36SHmNp_usAllsYuBoM0wt4Cfn1UeQDT4bP1_GMao1xcFbTYljQbbJsYmb6ScmKeI3cf7kR475Ax5oMIwbsQ2CwI60YdZshS0q4aa3h5F2F9PU1WDEqfQ3XDgzU0R6rFoX365BfdJApBR5QJRzx9yuIYcamaMM3DspYNWhaE4g93jij90C_zLjdIpyPcoLBQUDyp-UXdnpkUwloW7OlmFGTnGck0JW_jF-dh-N8L9cTi-ol0CvzPAIhluHdRMfD-dyjdPGEGoyYlh1NvPqdzCJ4FIPoTvCgrWpYdZT4nleLSUth2DTA_qIShpwz-MyeA7Hl_OdJzOdJXAlyn67AlQ6HnGrnbGIP6F4_RnNGsUM73BgKTlPrELbLUaSMx4m3NhDTSyeZMKMsxTp05Q1Rs6ERwLf5n4n9WKcBnAeGuy3fMHZbc6cbbCl6A5LS7yj-NbiOAEAYAG2bSkpNye4dXFAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_I_s2lg9RhPnHAu6FBBUZLUoYDg%26client%3Dca-pub-5876478872047758%26adurl%3D

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c811b06fa5b8010785099354ba94c81e70092258cea6ddebccf8952287bb235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Au2-NtrdeTLxBElheRVQ09-nEZtf-SyhzxxTQJREYCn7V7aRtkMwha4oh-YgVOOmeVpi4TMAGsKGHG2KKj_Iea_-zzUG-2l0ZmW8naqxKmhtLpyeQKUCLZSVu068zBVwo_KOPTTr2Ng_PVY8lUuaorq1v9af0Mfu051eUqyhdhDuUejYFUThs-NdKT04Qj5s4fiFTlwCTnxYkqdD3cu6__enUG4FGgyil5wX4rMYjDKsZwiO4Ead6bVjzL8"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12728296
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 5CD1 3 KB
1 KB 99ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 13:43:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 5CD1 20 KB
8 KB 78ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:16:07 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5CD1 24 KB
6 KB 94ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Apr 2024 11:11:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CD1 159 KB
49 KB 289ms
234ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:19:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E93 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH_oUBuMuZNrAHsi1-wav9rTgDsme0rFczaOW93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBJ4DT9Dy2yjwda8yeGO5QWmmDfRwXKLAAlJqKJsyca_X1Esyyytkilc-g1MRzzNQEgf6EgvvGnkef5lOJruXmOpyKPE2grdIlkt3oXD2_nEBc6E5GvupkTGjWAWhcMxVtngQ6uvuUF8jw_kgKt_i3W5hKu-NMKTlWRHr4FlturfJ3uMrfBp34gNUXp56Yl_yJD00PPgaE5-r9hSxZIlG7B28-nJMqfBNno4ayzMFO_d84rR2Je9H2s6eQ56iRgl9q5qeo8T8sGNCrsNiqIjOkOm8MJjSJrb5U4KS0S-pJAgZpvQ2pwZNIrR7O3FUJLEJHKiK2urw6LkE9BnrSkcvLTxsgsgkmQv4qmeG9s3DyxRETO0Ob4IdvhHijA-ERw3gMxXa5oo-xXCLhimF_C7EEoyXB0sMhamNGGOY4JkpVwSSgXILz4wqycE1GsQhreu1-PQ6rxtCaClkR3RZdUqus-54HGkIzNdOchpt5RC0LJhN9R7xxaZsVd8o_tpUEIDZywY9XSt09HDxbwF6jLj3fqxodpHV7LuMHFv2N8izs5DK4AQBgAaxq8ilwu-P2QigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4NzY0Nzg4NzIwNDc3NTgYl8xw&sigh=aKKOeKJkd1I&uach_m=[UACH]&cid=CAQSSwDUE5ym7-heRBWtjKFMcPAzLaM-WkwYjTVJQCD3ohBXeZDHeCpTRpLnOZO9gy2q-tjfGHwtgEbp8mi43K1F-nJ2uGPcEu9VR7EfyRgB
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 1E93 0
0 100ms
33ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k4PiFbr5RNQHyAGdg2ICAgAAAEATbBsMvBJh6jFsGAC6BZYQBeMuZA82vbwm9Ykit_UAABIAAAoKQVFVREFRRUJBUQ&wp=ZC7jBgAHoFoK3trIAA07L16mGkUhGIaQxPs60g

Requested by

Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164517
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BCD7 119 KB
42 KB 161ms
103ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFoK3trIAA07L16mGkUhGIaQxPs60g&u=%7CC7Jrtr70AVgD66mPhSRqaSj1krdbGiiGBVy4V%2FUyC2w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvlKe-eiyFaOWLGNFyZNZF27p-ZclUTq8Q8M8q60hnESsOzgbtZvG6omFfn3z2pOS4Z8_Jpa0P0cSFQunJrMVjFJVG4YaMEd1as22xmgIBV5yxzFnFcg1sEM8Nurqlc5jP7yvdRk4GE7NyTR-r8CeTzWxj_6i77nZk3o-KdspDeE1OqrkccamcFxyfkmmYZZRG1VXXmiiExMMLZ0C-Bwj-fNVberq-t8-a8CTWC29SayvDrKj-L-NczC6uKBUcHC1YdKpm2_a1zI7ZPoGzVpgTJNinjBPB18okypX69pQdDG3vhM-d9B0sct7QW7865nyStH6eJciU1kqRbWSwZgQUDe-tOdY5vvTvJUPxdN8tkomrPLGV_T16eN0ldi518Bt5ezuCz8HfupHCbo7zK-J5vUkZ8Ker07FBWpxmg5ybxhUfxAA06dNoowaQhpC8xTkdJPCcHVC8YLa8_Xo_vIeHe8M9UpGXQQxmy0jRIH26biTknSQQL3Ohv0OBNmUZ79PZXiBJHOs86LPyDDgjRDppxDDw_88zJ1itCFRJHlnX9EA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlM6BuMuZNrAHsi1-wav9rTgDsme0rFczaOW93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBKEDT9Dy2yjwda8yeGO5QWmmDfRwXKLAAlJqKJsyca_X1Esyyytkilc-g1MRzzNQEgf6EgvvGnkef5lOJruXmOpyKPE2grdIlkt3oXD2_nEBc6E5GvupkTGjWAWhcMxVtngQ6uvuUF8jw_kgKt_i3W5hKu-NMKTlWRHr4FlturfJ3uMrfBp34gNUXp56Yl_yJD00PPgaE5-r9hSxZIlG7B28-nJMqfBNno4ayzMFO_d84rR2Je9H2s6eQ56iRgl9q5qeo8T8sGNCrsNiqIjOkOm8MJjSJrb5U4KS0S-pJAgZpvQ2pwZNIrR7O3FUJLEJHKiK2urw6LkE9BnrSkcvLTxsgsgkmQv4qmeG9s3DyxRETO0Ob4IdvhHijA-ERw3gMxXa5oo-xXCLhimF_C7EEoyXB0sMhamNGGOY4JkpVwSSgXILz4wqycE1GsQhreu1-PQ6rxtCaClkR3RZdUqus-54HGkIzNdOchpt5RC0LJhN9R7xxaZsVd8o_phWMRJeRJou4rdgV6DMyflzmLJBdIJw9CUd0R1-o0XaL00ZN4N1lwfS4AQBgAaxq8ilwu-P2QigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10Rb4ihnSdGG6IUJUmZpl-0jpQ6w%26client%3Dca-pub-5876478872047758%26adurl%3D

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b99dca5809dd32899a5345e0135061e6ec0da3bc07cf388ffbb565a588a815d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=S7MvodrdeTLxBElhzEWObhwsUFfh0URncEGsqRe8m-Ou5Zmr3JQGP80bzw5oXCJidxJKk4VTQw-2lFGsDcbDqtp835BeEzrlWW1BGlMkWJ8on4a6I2OvJAAkacehSGbucwOeIe1rHHoaRMdY8INmgKRpFXguO2f3p0icfOULfjkmwFCx0eeQVCDZgaWbdCYT5y0_UOP9ZjRquS9hX0TXiARvVYYFyC8XsPJhm21bZJ3Y7LmX7dEGy80my2B3coSJuFoYWA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 14166597
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1E93 3 KB
1 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 13:43:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 1E93 20 KB
8 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 14:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:16:07 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1E93 24 KB
7 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Apr 2024 11:11:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E93 159 KB
49 KB 283ms
239ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:19:35 GMT

GET
DATA 200
OK truncated
/ Frame 5CD1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 092fa1045d197de4b38e716a2cc4a0014c4e3b92c5ae115150d597a90de87e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1E93 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37a238e5dec2146a70624bf7f0f2331a25cbd51ceb95c39df83086782da23820

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E7FF 2 KB
1 KB 132ms
64ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFYK3trIAA07L8C1WY9ze01m9VF99g&u=%7CC7Jrtr70AVgA%2F5fD9UUZCaD3w%2Ft5cjCJ%2BCChsRRfl9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ66URtX1gfQsB7PXt8PBrVICWZYsqhnD-SSF2iDXoOgiUsev6AkWZhvYejRA8VzOzRevlAPY6tgnjJWbHa_GrCWv6UxVM4yf4umnIPteApTtKhAp2v4BLwAdGMeYQxTIH0UdmjXEchRj7S18vLw_WeaqKd_TmvPQWrF76jvQsEFDzdwf0uBscXxASv0DWhd-y4kgqX5wjkCDCWaorIGLRm4z83uqwqVOeTp_jfv5Ovc7VgQvOysJrOhYsAjRVKoq8LGt8rlplA2BtHaTj1pI78sW7_SqMmuUpOB2kL2DNbnAYfxSfDbcSQuwjr9SOHOSqIZRL-Tug1IcB8nhgs6-a3kwMJcBlVYI2tskVMKHLbeFVNIdopC6jRLKG-WX4GdhJTiyF0dbXx62LMaGEZp7b8PC1QqCJQEG4BNpIbXV51nIPO4KtnoiEj6oRlbc2vwcvdfKvA54LI-oogEyd59zpgKPNSIyVNVxk8jqWBUXqceJx7Yw7CY-8JlCgHdFgRUdeB5JH9poFuts9XAgtMsJ25tVv0ZcwgzclZ3aPyTyl0Wom68P1I2imBfwqZoBgCx3RXyAv9k6FOWvw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHvhMBuMuZNbAHsi1-wav9rTgDsme0rFc1Z2R93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBJADT9BdX2bFFoRBn1x8S4wG1p3gOQP9Q_XT7QwzSOFSWLQi001jVVdCbm6z58FdStxi9MPXOaHgvUNnXbKjnaW36SHmNp_usAllsYuBoM0wt4Cfn1UeQDT4bP1_GMao1xcFbTYljQbbJsYmb6ScmKeI3cf7kR475Ax5oMIwbsQ2CwI60YdZshS0q4aa3h5F2F9PU1WDEqfQ3XDgzU0R6rFoX365BfdJApBR5QJRzx9yuIYcamaMM3DspYNWhaE4g93jij90C_zLjdIpyPcoLBQUDyp-UXdnpkUwloW7OlmFGTnGck0JW_jF-dh-N8L9cTi-ol0CvzPAIhluHdRMfD-dyjdPGEGoyYlh1NvPqdzCJ4FIPoTvCgrWpYdZT4nleLSUth2DTA_qIShpwz-MyeA7Hl_OdJzOdJXAlyn67AlQ6HnGrnbGIP6F4_RnNGsUM73BgKTlPrELbLUaSMx4m3NhDTSyeZMKMsxTp05Q1Rs6ERwLf5n4n9WKcBnAeGuy3fMHZbc6cbbCl6A5LS7yj-NbiOAEAYAG2bSkpNye4dXFAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1_I_s2lg9RhPnHAu6FBBUZLUoYDg%26client%3Dca-pub-5876478872047758%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E7FF 2 KB
1 KB 135ms
67ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E7FF 308 B
637 B 100ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E7FF 293 B
621 B 131ms
65ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E7FF 43 B
347 B 86ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QjJ-FyaedB6Rlbw4RYsAUuvAPkyTO4aaohE0ZBgZOfnvZXndXBMIa6VGr-pCzWzcpTBpWzENpmPgf18TsMvWBjZlv9OvZumK8-qmK-DUbDabixBHcb0r0VN6LUlnu2-HXk_c6LO1sFtIM-I1mVZpv_ep2svYcXr-lqu4f8wHTNx32N_3N21uw4uUUhCZdc_kyyp8BfA32mGl-TNrY7_Kd44M3bNqai8nPN0tsoemF9oplA3gSXHPeGU4ickF9KtghLiM7Li8anlktQSe0ZhtQz5ehIaxFchQFmce_QcWd4HPinJK4G174cdO-y9y6HgUnBK1jQSWVz2g29vWasQ6ZnX-OF5e7bJuh1T6j54nlYvo4N-TWm0oU1HBa5pwNeqRdhHBO6P2rxME7MrwxOkrc2wf61W0ufebkUTZcWcB1rVxEXM6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1914924
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E7FF 12 KB
5 KB 69ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1271681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFKuPOv30QSHGzkqcnUqS%2FQyLGwOI1KYkWq3oe9m1tN9P2%2FbnraZOms1suBviMRxi0MFY%2BzbgHenLd%2F5fCXhfbPGYMYiejCXrM%2FWLjaiAA%2BAaUqg3GgwLgEQCLmCBSegupen%2BOBVIZmpBTxT2Nm3Tb7p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b3b028cdea33638-FRA
expires: Tue, 26 Mar 2024 15:19:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E7FF 12 KB
6 KB 81ms
38ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E7FF 4 KB
4 KB 103ms
34ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F230403%2F81e9c7a4973745c19a8bc70d8e2c7a09_de_wkda_white_bkg_rgb-03.jpg&v=3&w=392&s=2FZeDe-qWKAR20cnypisVXgF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efdcdc125d15eb772a0511057ab33b7462a0ae6ef4307d4f3d42d4b42a67b904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3610
expires: Sat, 30 Mar 2024 09:52:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E7FF 0
128 B 108ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Au2-NtrdeTLxBElheRVQ09-nEZtf-SyhzxxTQJREYCn7V7aRtkMwha4oh-YgVOOmeVpi4TMAGsKGHG2KKj_Iea_-zzUG-2l0ZmW8naqxKmhtLpyeQKUCLZSVu068zBVwo_KOPTTr2Ng_PVY8lUuaorq1v9af0Mfu051eUqyhdhDuUejYFUThs-NdKT04Qj5s4fiFTlwCTnxYkqdD3cu6__enUG4FGgyil5wX4rMYjDKsZwiO4Ead6bVjzL8&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E7FF 2 KB
1 KB 72ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E7FF 2 KB
1 KB 61ms
61ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BCD7 2 KB
1 KB 58ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZC7jBgAHoFoK3trIAA07L16mGkUhGIaQxPs60g&u=%7CC7Jrtr70AVgD66mPhSRqaSj1krdbGiiGBVy4V%2FUyC2w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvlKe-eiyFaOWLGNFyZNZF27p-ZclUTq8Q8M8q60hnESsOzgbtZvG6omFfn3z2pOS4Z8_Jpa0P0cSFQunJrMVjFJVG4YaMEd1as22xmgIBV5yxzFnFcg1sEM8Nurqlc5jP7yvdRk4GE7NyTR-r8CeTzWxj_6i77nZk3o-KdspDeE1OqrkccamcFxyfkmmYZZRG1VXXmiiExMMLZ0C-Bwj-fNVberq-t8-a8CTWC29SayvDrKj-L-NczC6uKBUcHC1YdKpm2_a1zI7ZPoGzVpgTJNinjBPB18okypX69pQdDG3vhM-d9B0sct7QW7865nyStH6eJciU1kqRbWSwZgQUDe-tOdY5vvTvJUPxdN8tkomrPLGV_T16eN0ldi518Bt5ezuCz8HfupHCbo7zK-J5vUkZ8Ker07FBWpxmg5ybxhUfxAA06dNoowaQhpC8xTkdJPCcHVC8YLa8_Xo_vIeHe8M9UpGXQQxmy0jRIH26biTknSQQL3Ohv0OBNmUZ79PZXiBJHOs86LPyDDgjRDppxDDw_88zJ1itCFRJHlnX9EA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNlM6BuMuZNrAHsi1-wav9rTgDsme0rFczaOW93DAjbcBEAEgAGCVgoeCmAeCARdjYS1wdWItNTg3NjQ3ODg3MjA0Nzc1OMgBCakCAdiDLVFQsj7gAgCoAwGqBKEDT9Dy2yjwda8yeGO5QWmmDfRwXKLAAlJqKJsyca_X1Esyyytkilc-g1MRzzNQEgf6EgvvGnkef5lOJruXmOpyKPE2grdIlkt3oXD2_nEBc6E5GvupkTGjWAWhcMxVtngQ6uvuUF8jw_kgKt_i3W5hKu-NMKTlWRHr4FlturfJ3uMrfBp34gNUXp56Yl_yJD00PPgaE5-r9hSxZIlG7B28-nJMqfBNno4ayzMFO_d84rR2Je9H2s6eQ56iRgl9q5qeo8T8sGNCrsNiqIjOkOm8MJjSJrb5U4KS0S-pJAgZpvQ2pwZNIrR7O3FUJLEJHKiK2urw6LkE9BnrSkcvLTxsgsgkmQv4qmeG9s3DyxRETO0Ob4IdvhHijA-ERw3gMxXa5oo-xXCLhimF_C7EEoyXB0sMhamNGGOY4JkpVwSSgXILz4wqycE1GsQhreu1-PQ6rxtCaClkR3RZdUqus-54HGkIzNdOchpt5RC0LJhN9R7xxaZsVd8o_phWMRJeRJou4rdgV6DMyflzmLJBdIJw9CUd0R1-o0XaL00ZN4N1lwfS4AQBgAaxq8ilwu-P2QigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_10Rb4ihnSdGG6IUJUmZpl-0jpQ6w%26client%3Dca-pub-5876478872047758%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BCD7 2 KB
1 KB 62ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BCD7 308 B
636 B 54ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BCD7 293 B
621 B 89ms
69ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BCD7 43 B
348 B 39ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6V55seszIm7dXU_S3bdHcd4lelBwqffs5NfJFLbL8OLfm1-I9FC8QXo6nAHytsVanRr3Aw5DDZCoU-vRbhJErhTH014Omj1UhdDLNJxcOQe_FWwFAF4a7wKvlLr3xCUYHTCsAIIkV3VW_cPw0nb9fbXBU5IHczCVjK1zdH6qDuv_uMxgs1YCtmDJ9IDwukp1F98yMAnAMubedTGH3PKfZDlY6mtuu0t-78KTU-ga5lrzhqndl6IWz6MMazJAoCvWqM6lHH1Si2fcNpoIQAB1WiGLRFokMAWbTxhoQ5k7678U8UJNzxPVUFFgPBrVQWSs8CDyoThf7v36F3nrStvhSGtXFXxifEamevM4eW8FJ-wMDY6qW6BN2y6c5jxgd8xJg8d4nVvr6j9XU9Poxs4T6gZAd8SEaE_7zw2TJaeWEeXJ9xtr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1477764
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BCD7 12 KB
5 KB 27ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1271681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOjVOFhaV0eW2mMBqGuWIK3uj5002wJJ9TVjuz8w0O1t%2FdzKdzOffddje1SVWh5NsHzLm9l0VStt8XvCctr9UieNuFyHE2Cn3XGaXv3aHdYNn5yV7lmUa2paCoSz%2B2FivQiKEVN7p0r40aOpQAhJ02zU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b3b028cdeae3638-FRA
expires: Tue, 26 Mar 2024 15:19:35 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BCD7 12 KB
6 KB 82ms
74ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BCD7 11 KB
12 KB 292ms
142ms Image
image/png 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=340&m=0&partner=7562&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F7562%2F230126%2Fcfbd564a117f47559d3e9be7992dbb11_screenshot_2022-11-03_at_12.37.08.png&v=3&w=440&s=WeylxgD3EvRE72klfR4UpYgH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

46ba9f36ce69709ce29fa0be2daba8517e04c152e70d3c2d5a7fcffd5feda051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29943473
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11723
expires: Mon, 18 Mar 2024 04:57:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BCD7 51 KB
51 KB 258ms
108ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=7562&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F7562%2F230126%2Fa3ca73ab5cbf4036b74d26f4bf9f6302_img_horizontal_1.jpg&v=3&s=RBwfyuzLSB6USZvdJYEBf5uS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2315cf88b88f1526df22a135c625f2e5ea86c46e3aa0432f9b0b9ef5a462fe03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30005939
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51720
expires: Mon, 18 Mar 2024 22:18:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BCD7 33 KB
33 KB 268ms
118ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=7562&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F7562%2F230126%2F0233105c31174a7b9080518edf8dcb3a_img_horizontal_5.jpg&v=3&s=rue39kcHuIz3dDoQYRDGSjkg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d2ec7a12144a988f7b57d03ebe34441287beea498512f2262de9ba269c6baa7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30052443
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33950
expires: Tue, 19 Mar 2024 11:13:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BCD7 48 KB
48 KB 214ms
65ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=7562&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F7562%2F230126%2F8cf5da9537364c968296c6f6084dbc4b_img_horizontal_6.jpg&v=3&s=6IN-qnxq9rMnPH513VCllNC1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

90fac6f1b43e8d01504b1afe8b958b1d253ce4784a1ece168276cce7bb0ea569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30070797
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48818
expires: Tue, 19 Mar 2024 16:19:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BCD7 0
127 B 73ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=S7MvodrdeTLxBElhzEWObhwsUFfh0URncEGsqRe8m-Ou5Zmr3JQGP80bzw5oXCJidxJKk4VTQw-2lFGsDcbDqtp835BeEzrlWW1BGlMkWJ8on4a6I2OvJAAkacehSGbucwOeIe1rHHoaRMdY8INmgKRpFXguO2f3p0icfOULfjkmwFCx0eeQVCDZgaWbdCYT5y0_UOP9ZjRquS9hX0TXiARvVYYFyC8XsPJhm21bZJ3Y7LmX7dEGy80my2B3coSJuFoYWA&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Apr 2023 15:19:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BCD7 2 KB
1 KB 73ms
73ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BCD7 2 KB
1 KB 62ms
62ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame E7FF 2 KB
899 B 65ms
64ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame BCD7 2 KB
854 B 57ms
57ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame BCD7 13 KB
13 KB 168ms
83ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame E7FF 16 KB
17 KB 182ms
99ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Mar 2024 15:19:35 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0AF6 0
861 B 28ms
27ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 15:19:35 GMT
AN-X-Request-Uuid: 39e6307b-6489-48bf-8ae4-01b48598d3ab
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 120ms
70ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

636d5b31f60bdd869e798c5f14107d6d2b6f5b8c9c830d97cb6c15c8e379e4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11263
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 15:19:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9145 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 13:44:00 GMT
expires: Fri, 05 Apr 2024 13:44:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB5F 783 B
968 B 31ms
30ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9136e02a14d3115090bf271dc333f977c9933456a8c47b2593eb706f959fc7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EqSC3g0eZtlCSTzuVcUfrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnownews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EqSC3g0eZtlCSTzuVcUfrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 15:19:35 GMT
expires: Thu, 06 Apr 2023 15:19:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9145 36 KB
14 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 17:53:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB5F 0
0 86ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=366488744759348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9145 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JKaz8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame E7FF 0
127 B 39ms
39ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Apr 2023 15:19:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
254 B 176ms
107ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003ALsQFAA1&gdpr=0&src=pbjs&ver=6.29.3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Apr 2023 15:19:36 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.timesnownews.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
321 B 60ms
43ms XHR
application/json 54.154.146.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.146.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-146-140.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache
x-server: 10.45.22.239
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
393 B 48ms
48ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 7c38b32bd30d36fd7801ba6371ee1e5afe065a6b3d845e46fd2de06865b04867

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Apr 2023 15:19:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 06 May 2023 15:19:36 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
186 B 139ms
62ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156537
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156537/445/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.timesnownews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:36 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.timesnownews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CD1 42 B
174 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYN8NtybDqwT2JThYQv1p2mQmrp_gj1TRTFQgAmNtdGb-3D5gxD0B4n-ZSnBOJauYymTli4VF3GeifXP65prA9rKY&sig=Cg0ArKJSzHh6X0tfrVmJEAE&id=lidar2&mcvt=1000&p=5,310,95,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=598348027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680794374928&rpt=431&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 15:19:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=366488744759348&bg=!FRalFkLNAAYIJb0jKCU7ADkAdvg8Wq13f8E6GZDcTGhpMigCuJQ4d4Ff8g7wWSo4-BopHi52HcERua572Q7kCT9gD1KluR1FEmACAAAATlIAAAADaAEHmQKyFZbURPzmG36WFcKsZf8y6r3XxZm5KJoIj8Ih-9Q9dmcC5_fDWhkg7fSg8N5cGOD1DlAMZt0akF7_grWXHZw_f6HSANcK1Ti4mEcTznn_GVJtqBTQKgJzdkWmAEmVwHSR8xbqzU4lptHPdTJm5pLG23j8FcI-r4IyuVmJFfxC3Q9n1_FkQEL9qBat6e29HONU5YX-nDGm5G47b5i7XcwwKGjHSdyhbnppif2RImrbIYvX6VLGvWgytWJNjaBo0nZQzUNjhtu2IaUXSFx8XKlGOM65IHErqnJ-qgq7Jb8k8AUm-NKZlV9f2OYw70HN882bir2v6vgaIR-1qXFdgLQ09NqYTKN1Yz7AQ_-kD6CsW7hoksxO8e_Xzms6n6aXqVJdrhixaGawbxMEmbjpP3D3LlQ7LB444DHYlAeQR-eUic0lZ-dlt54ky3dqiWFhg4w_wRl4TqHLqTD4jmc7nxymAShW-RMwiQnvpo8akYrOLYRh1RxVK8HJtY_t5teYFkhb2-tLHToplmXlP1-hdHyl8JG8ixT7VhxwqO3cRTWiF-lDfUy7ayikqnyENBX3G_zT9-RKwtzX24yCCU9E3g_sD8tpNZzfgPK2A9k1ssj-2e9esrhU-N5iLBurSkGoLqzmbirHmOVuY5AWzcn0Pc9z82OBs4AKAxwb1JYY-x_8fGdfS5By3wWsJRqUBb2h3qsk9FReYcAcopoBPFR0k342Y-E-8sxISq9Xvmw8Y2c4Kh4ZMugJ6_lkmw6GULfqkWPzl2EPk4n9ODRV7ZsAmvjId82MJ5eXaYDFdUV8Q2mYh162p4KWTxd1Q7jtD2lMM6hTz-AsFnm1xAUr6RA8MrdlDOuZc4deRzylKb6Ct1FdAvC9ttoA_xdvPrEIfN7ukhD4ggooTYR71XN5gS2qUKkymCj3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F4C3 0
260 B 90ms
24ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156537&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 ibeat.min.js Show response
agi-static.indiatimes.com/cms-common/ 13 KB
5 KB 225ms
44ms Script
application/json 2a02:26f0:6c00:1ad::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://agi-static.indiatimes.com/cms-common/ibeat.min.js
Requested by: Host: www.timesnownews.com
URL: https://www.timesnownews.com/india/threat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:1ad::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c2fedf955f2114ffaa39be325ae5bcb7f60de66f47a2291a691cd97a59c7021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 15:19:38 GMT
content-encoding: gzip
x-amz-request-id: PQ8F2XN9MWKQ0BB7
x-amz-server-side-encryption: AES256
content-length: 4251
x-amz-id-2: p4t/rv8FE1igIc1elHKUVmHvzJNe4Pb8yGpdVgdeXouO1EtMrDGo602kNsAvaOMFblMcLPeZ5Co=
last-modified: Thu, 09 Feb 2023 10:35:42 GMT
server: AmazonS3
etag: "b991f5c02126048fdfb1f1490e43b8c5"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET,POST
access-control-expose-headers: Date
cache-control: max-age=31518
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 07 Apr 2023 00:04:56 GMT

GET
H2 200 ping
api.ibeat-analytics.com/ 0
403 B 528ms
173ms Image
text/plain 2a02:26f0:6c00::210:bb08

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.ibeat-analytics.com/ping?&url=https%3A%2F%2Fwww.timesnownews.com%2Findia%2Fthreat-mail-sent-to-noida-news-channel-claims-plot-to-assassinate-pm-modi-up-cm-yogi-details-article-99287585&et=po&sid=47e26e35-a524-4ae1-8ade-01fec8cc7ff9&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&ln=0&ref=&ut=1&pot=1680794378451&at=5000&tt=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb08 -, , ASN (),

Reverse DNS

Software

Bhoot /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timesnownews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 06 Apr 2023 15:19:38 GMT
x-content-type-options: nosniff
server: Bhoot
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ibeatserv.indiatimes.com
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=1, ak_p; desc="466887_34650884_479800876_11583_9422_44_0";dur=1
access-control-allow-headers: content-type
content-length: 0
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.timesnownews.com/	1970-01-20 11:36:26	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mgid.com/	1970-01-20 10:53:16	Name: __cf_bm Value: EPSdtRIOMzlECevs2x6TKZAzSfb.ayvlVsXl_.3ANlY-1680794373-0-AQ1gMHY6z6GHPsJSZ01FZCklPpAP3g0SEqdV8sXQqi79hTZ2A33lATZ2cCcT3t+GUFopLSac4sXuqxXToZGSNOQ=
.timesnownews.com/	1970-01-20 20:22:02	Name: _cb Value: Bqi4-xCZYCKVZmBBz
.timesnownews.com/	1970-01-20 20:22:02	Name: _chartbeat2 Value: .1680794373801.1680794373801.1.DI67trDVPu1GDqIZTiCH4u61BvTuUZ.1
.timesnownews.com/	1970-01-20 10:53:16	Name: _cb_svref Value: null
.timesnownews.com/	1970-01-20 20:29:14	Name: _grx Value: f884e8d9-55a1-4241-bde5-0cbaa68f76a8
.timesnownews.com/	1970-01-20 20:29:14	Name: _ga Value: GA1.2.747394426.1680794374
.timesnownews.com/	1970-01-20 10:54:40	Name: _gid Value: GA1.2.900473983.1680794374
.timesnownews.com/	1970-01-20 10:53:14	Name: _gat_gtag_UA_64032556_12 Value: 1
.izooto.com/	1970-01-20 20:29:14	Name: IZCID Value: d6127d94-1d87-4a4e-9856-e62cd127607c
.rubiconproject.com/	1970-01-20 19:38:50	Name: khaos Value: LG59KNAQ-I-KDOA
.rubiconproject.com/	1970-01-20 19:38:50	Name: audit Value: 1\|naVuGyos1qoSa+E11XkRhbU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb0yMfY+9zoPycGo/FXllJk+QnGUMpWA3DXKY++jymV4/GQP1iLI3TC2Ou+Ayq12NSQ==
.timesnownews.com/	1970-01-20 20:29:14	Name: _ga_77TJDBEN7S Value: GS1.1.1680794373.1.0.1680794374.0.0.0
.indiatimes.com/	1970-01-20 20:29:14	Name: deviceid Value: a940sgdc6ki5esybcy8cr1pp6
www.timesnownews.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1122598%22%3A%7B%22page%22%3A1%2C%22time%22%3A1680794374499%7D%2C%22C1122574%22%3A%7B%22page%22%3A1%2C%22time%22%3A1680794374488%7D%7D
.adnxs.com/	1970-01-20 13:02:50	Name: uuid2 Value: 4928928972027488064
.casalemedia.com/	1970-01-20 19:38:50	Name: CMID Value: ZC7jBocOCv3dp42aYNqlvgAA
.casalemedia.com/	1970-01-20 13:02:50	Name: CMPS Value: 3332
.casalemedia.com/	1970-01-20 13:02:50	Name: CMPRO Value: 3332
.pubmatic.com/	1970-01-20 19:38:50	Name: KADUSERCOOKIE Value: 46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C
.pubmatic.com/	1970-01-20 13:02:50	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:54:40	Name: pi Value: 156537:2
.pubmatic.com/	1970-01-20 13:02:50	Name: DPSync3 Value: 1681948800%3A241_235_201_245
.pubmatic.com/	1970-01-20 13:02:50	Name: SyncRTB3 Value: 1681948800%3A161_56_3_220_21_13_7_54_8%7C1682035200%3A35
.quantserve.com/	1970-01-20 13:02:50	Name: d Value: ELABCwHYKPijAA
.quantserve.com/	1970-01-20 20:23:28	Name: mc Value: 642ee306-9ad67-afdf2-dfdac
.weborama.fr/	1970-01-20 20:19:09	Name: AFFICHE_W Value: qZtHFt6UJiOp92
.simpli.fi/	1970-01-20 19:40:16	Name: suid Value: 2CDF720EEFFB4FC18567A75E1E4BA93C
.adform.net/	1970-01-20 11:36:26	Name: C Value: 1
.de17a.com/	1970-01-20 19:31:38	Name: guid Value: 1.3233307829599660863
.adform.net/	1970-01-20 12:19:38	Name: uid Value: 5719805236478613551
.doubleclick.net/	1970-01-20 20:14:50	Name: IDE Value: AHWqTUmsPoPn7dEhLCZom9bZi8VVcAIKfZ_Q4IAJH_e5RB-9gRnIE-3u4KbID5YHWjA
.yahoo.com/	1970-01-20 19:39:11	Name: A3 Value: d=AQABBAbjLmQCEM-hIiYOBeCKby7tX35ILHEFEgEBAQE0MGQ4ZAAAAAAA_eMAAA&S=AQAAAvQMXMHZ6sRSgjtPp6XQkRI
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_153 Value: 1923-dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g&KRTB&19420-dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g&KRTB&22979-dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g&KRTB&23462-dhMHTCUUBR9tHlRNdhAYSCZDUxttQ1NNIUSLIM5g
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_80 Value: 16514-CAESEMLsTav1E8hrbkpzhjltlNw&KRTB&22987-CAESEMLsTav1E8hrbkpzhjltlNw&KRTB&23025-CAESEMLsTav1E8hrbkpzhjltlNw&KRTB&23386-CAESEMLsTav1E8hrbkpzhjltlNw
.turn.com/	1970-01-20 15:12:26	Name: uid Value: 4405112478713697268
.analytics.yahoo.com/	1970-01-20 19:38:50	Name: IDSYNC Value: 175w~2axr
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_336 Value: 5844-3233307829599660863
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_391 Value: 22924-5719805236478613551&KRTB&23263-5719805236478613551
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_57 Value: 22776-4928928972027488064&KRTB&23339-4928928972027488064
.pubmatic.com/	1970-01-20 11:36:26	Name: PugT Value: 1680794373
.doubleclick.net/	1970-01-20 10:53:15	Name: test_cookie Value: CheckForPermission
.timesnownews.com/	1970-01-20 20:14:50	Name: __gads Value: ID=6733c0b8754bc5a6:T=1680794374:S=ALNI_MY9Ei-9YTPS0ufJSP-VgTCM4OxSyQ
.timesnownews.com/	1970-01-20 20:14:50	Name: __gpi Value: UID=00000bfc2de29869:T=1680794374:RT=1680794374:S=ALNI_Mapfmqi3-G_0IoLXWPpcNrw8epFRQ
.audrte.com/	1970-01-20 11:14:50	Name: arcki2 Value: cafAZENEyPsTyKWsnuHx-p5wg!20220908!1680794374973!ip#217.114.218.26
.audrte.com/	1970-01-20 11:14:50	Name: arcki2_pubmatic Value: 46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C!20220908!1680794374976
.amazon-adsystem.com/	1970-01-20 20:29:14	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 11:14:50	Name: arcki2_ddp2 Value: cafAZENEyPsTyKWsnuHx-p5wg!20220908!1680794375127
.amazon-adsystem.com/	1970-01-20 17:22:02	Name: ad-id Value: Az6es88uWkbRpurSiFGbOog
.audrte.com/	1970-01-20 11:14:50	Name: arcki2_adform Value: 5719805236478613551!20220908!1680794375290
.mathtag.com/	1970-01-20 20:19:09	Name: uuid Value: 5313642e-e307-4000-abaa-97b74f62c764
.pubmatic.com/	1970-01-20 11:36:26	Name: KRTBCOOKIE_27 Value: 16735-uid:5313642e-e307-4000-abaa-97b74f62c764&KRTB&16736-uid:5313642e-e307-4000-abaa-97b74f62c764&KRTB&23019-uid:5313642e-e307-4000-abaa-97b74f62c764&KRTB&23114-uid:5313642e-e307-4000-abaa-97b74f62c764
.linkedin.com/	1970-01-20 19:38:50	Name: bcookie Value: "v=2&b34c91c8-149a-49e6-8a81-36553f49dac8"
.linkedin.com/	1970-01-20 15:12:26	Name: li_gc Value: MTswOzE2ODA3OTQzNzU7MjswMjH4X4l76yQt9yxd6qEPO9D4YTZPf9P3WYHYj3IfPW+v2w==
.linkedin.com/	1970-01-20 10:54:40	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2548:u=1:x=1:i=1680794375:t=1680880775:v=2:sig=AQGNG0cxpi2gQnYRzwVHvLXwT25qrvqB"
www.timesnownews.com/	1970-01-20 12:19:38	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-06T15%3A19%3A36%22%7D
.pubmatic.com/	1970-01-20 11:36:26	Name: SPugT Value: 1680794375
www.timesnownews.com/	1970-01-20 15:16:02	Name: _iibeat_session Value: 47e26e35-a524-4ae1-8ade-01fec8cc7ff9
www.timesnownews.com/	1970-01-20 11:36:26	Name: _iibeat_vt Value: 20230306

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ow.pubmatic.com/cookie_sync/?sec=1 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=46CEAF80-04EC-4F0E-8E2D-34689A8DCE7C&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/gsi/status?client_id=516427900873-frpulpnsvv3886s9vlsc2pvq2nhj0uvg.apps.googleusercontent.com&as=e%2B%2FqRDl62%2F0A%2FivOHl70Pg Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a25c6b5edbbd231762fcf19473d45e69.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
agi-static.indiatimes.com
api.ibeat-analytics.com
apiprod.timesnownews.com
c.amazon-adsystem.com
c.mgid.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.indexww.com
cdn.izooto.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
geoapi.tnn.in
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
img.rtbsystem.org
js-sec.indexww.com
jsc.mgid.com
jsso.indiatimes.com
jssocdn.indiatimes.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
onelinksmartscript.appsflyer.com
ow.pubmatic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s-img.mgid.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.growthrx.in
static.tnn.in
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
t.pubmatic.com
timesnetwork-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
tvid.in
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.timesnownews.com
www18.smartadserver.com
103.229.206.240
104.126.125.209
104.18.10.47
104.18.11.47
104.244.42.72
108.138.1.25
13.32.106.197
13.32.121.17
142.250.185.194
151.101.1.108
178.250.1.6
178.250.1.9
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.82
185.64.190.84
185.80.39.216
185.86.138.151
185.89.211.132
198.47.127.20
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.183
23.35.236.201
2600:1901:0:8344::
2600:9000:2057:9600:18:1fcd:351:7bc1
2602:803:c003:200::21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:1::6813:884e
2606:4700:3038::6815:eb89
2606:4700::6811:190e
2606:4700::6812:d941
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9c
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::f
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::c
2a02:26f0:3500:11::215:14de
2a02:26f0:480:39d::3857
2a02:26f0:64:681::3621
2a02:26f0:6c00:1ad::3857
2a02:26f0:6c00:1bb::2a5b
2a02:26f0:6c00::210:bb08
2a02:26f0:6c00::210:bb29
2a02:26f0:6c00::210:bb32
2a02:26f0:6c00::210:bb68
2a02:26f0:6c00::210:bb8a
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42:200::714
2a05:d018:d29:3601:26a7:915d:b928:9358
3.33.220.150
3.71.149.231
34.111.129.221
34.111.131.239
34.232.231.107
34.98.64.218
35.204.158.49
37.157.2.234
5.135.209.97
52.30.78.52
52.46.155.104
52.94.222.140
54.154.146.140
54.225.127.60
69.173.144.138
69.173.144.165
88.221.169.49
00b189dceeb6f14649a6979dc813ddc5159549369cab461bb51c0294f5115fdf
021fe4673cb0762e9c4c45ad7a0c6a2b69db05f42408073fd32ce4ab81d1c7a2
05fb8eca3cac855529e8d64b4323aed56d9e4ae01148ee6ee7a9140941e3e9ee
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f74f8e97fbd22e086bc8f5537864a50a2fb36eb4d640752eb4681e72c5fc2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
092fa1045d197de4b38e716a2cc4a0014c4e3b92c5ae115150d597a90de87e79
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0adb2c0646a607411b429d7f7a35fc778d7c4e2cb1d0c30ca645cd5192f48aaf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c175f94fbe20da20efa4ef57dcb795b8083a1a6127802dc0e67b2625653bd5a
0c3f5dafbc4d89ff4ffc12e65464ed6b118fb6ebe2cf670552c24fa6ba3f42b2
0c811b06fa5b8010785099354ba94c81e70092258cea6ddebccf8952287bb235
0cb197f6f7bfd999dd8b16f4a17bbb3041d22ab7f8ed146a60cdcfb9190a7979
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd73964e0d701c6ed31ada67ddfa6d69c4be7fca2bbe878994022549d2865c4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186812cd80f3f8fc9cf6451df14067638a5af07180af18cf2ea382861b775137
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c13806d0ae421c1e8c6fdf5fb3c5ca2fab8168a629da38a7f9321dd7de0af5d
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f60bc7dded1ffa50971ae8a96f0a40e206dd349ebb41078567851848dc001eb
2315cf88b88f1526df22a135c625f2e5ea86c46e3aa0432f9b0b9ef5a462fe03
247198729eb208f121bb2afb84209287356fca8b7c0f31ccad61caf36936ae92
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f85d997063fdb80708677583880a46ad84458d7d04e4c9f66ddc29aa735f5cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b579173efce5b56acd1e45a832614f1ba6889e7898718625eb2f036e855231
37a238e5dec2146a70624bf7f0f2331a25cbd51ceb95c39df83086782da23820
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3c2fedf955f2114ffaa39be325ae5bcb7f60de66f47a2291a691cd97a59c7021
3c322d2185869dcf510003ef20fc71c9a13fb3567ce6bc111f33f21636e7f951
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
46117cd5dd92a7c23f9b9abe02a533f3b625ee59a4d4d5758122c6382516f0d6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ba9f36ce69709ce29fa0be2daba8517e04c152e70d3c2d5a7fcffd5feda051
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ad86e4afd6ec129c99738488c425fca45522ddd0231c46564e1e071d59e3048
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f24aba3c3acdc3cff6194d7831432e690322ecc87eddd54e68088675b4ab129
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29
543b9774a8201539a5481d89a87e5c1f5eaad01410ff7a94775f09cd3a4a78d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c6442b9ddd1a32ac3df7be8e7b134105a5a0a74030d934a891bc05ba5a69388
5d77929611a49cee720db03cfa320d1a7adc96ba5ab75d005bf2900a71538c97
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ff815c2bbdba8aa147e44311990e054a5021de502e6cd79ffe7d04404ba9ac0
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
619b438c0edb8dd5482148fc76901f1af39be7a61d7c77568c1ac9c6988c8e61
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636d5b31f60bdd869e798c5f14107d6d2b6f5b8c9c830d97cb6c15c8e379e4c2
65f471fef221d996710dc52325f851da7a84abb11e31349b8d9dbac03fb21688
66019a14c7a446b614109364529f0fc53ebf28e9dafcd3771121e19bfc50270f
66d94c080fb79b680bfe06e973326cd7310c01a177a44d439b47cd6e4c20bd53
686f72e90972758db00d6a52914d2a8a5d849d4e12e4e871ca934d0bef17835d
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69198458f0e562635b7fc1c942f88bc1451cb315bd41c4e3dd9a997b3dd5fa70
693b1e29d7296d8231c4d6868f792b1389c3d933245371accb20b802c6146cd0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6cb191aa1a2ad570477b385959b558b5916aa5008f151b4ab9100fa2ea22bd4c
6cf2f763bc558a79479c3151a2459902be51ee91e05806dfc4415f4e14ff66d6
6d60981e838ab9df007f58e3ab6a742bf6516d84b0204b838502fb951ddfa758
6e409ad9cb9d6e73cdce8fd0f84c40329b34168cdeca1230bd371e0715b44d6d
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f100a2a6a7cd2ccef3e79dbf46b5fa2821daf411ffd8e6429e4e6e62b26dae
731574e91e9031c7cf84fc4eaa7d40a90bd3f0bc513e35ab1f1737c448f3fcd1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77321b91c3194589463793cef1ac42b4e2374a51146e4bc3d5a486077ff1f217
797b3ba3847ad7a2f9e57d80c2facf4a4a54e1ee800a61ccba38faec60b5471e
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a45e54b3007cf827926980231002644b7a75614e07febdecf41ed6ea47be063
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c38b32bd30d36fd7801ba6371ee1e5afe065a6b3d845e46fd2de06865b04867
7c81fb12693302c027fb6f81b8afe5c36f9a187ea9c11d98d3a47e40024f3705
7d756007634d0d47c5d681421e9df6e138995fe0f247c5c17f87277fb66a1092
7dd66327f3a9df4fdf0c9c601efa90c406e432f7007137467767115e19817bce
7ddb1dfa87784ba6d20da067525e482da242947b01f73c478929590608bc3ec5
80c1e1ac3c87115854e5bceffdf916959fb9278e9782dfb3124abe2b7dfb0379
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b0b4cf19e0e192f51a39a51df8b709a1019d01a95115c99396ad7c612f92b73
8d25a0e1702668dd643fe6d3178ea4ff57d06282ca9fd6173d3f95deed3eb7b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90fac6f1b43e8d01504b1afe8b958b1d253ce4784a1ece168276cce7bb0ea569
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
95ef23651da5043776c8f1da1d593e3a7ce538b0d7706c0961a1687487deb647
98e038b4db16f5033bdca3ee0ecd9284afaf352695ffa5a32753fc996a12ebdf
9907fc9d9d55b94d66759440f89dc09e0c70128c03045300ccdd1d31d98710cc
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
9d753d7e4ff89a3ccb19db9079885345c3869bcfcd08118edbaacd605487fab7
9feab3fefb0b32e8e59ee33031c8bc3918a76201441080fb072f93133ef9380d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1da28e800518ff1302a3a67c4e4876910229c52554291a25b280dcd01d42ea6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a510677284d928d6efbc9b2f3e9d88fe1bc8f0be327da4f8d634a9ff04f573fb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a741eb6a7948e21ae14aa87a17470a79a9a7a64df4a0993a42fa7f0b9ed83ead
a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9c59d428ca2f246581987e8e3132db0c62e7e4ee64b823779940a2db0a32f79
aeeb8dc0b990ac066d90f3ee37d372a4e4757ac06425797195b3d7af00afc76b
aefb4605e33667c5eab919352461823eb85bb1269482bc2c58d1446e1fe71b40
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
b99dca5809dd32899a5345e0135061e6ec0da3bc07cf388ffbb565a588a815d6
bc45e40040cf0de904e32e617ce08358bbd663d8244986dbe7e3437ee59532ad
bc4c79e8d7f87579fa81d44b5d6bbda4bbe652abd26c90b30d1cd7a4e4451b43
bdbaf7ad9623cbf4cf34c4748d7ac5d760097fde17b3f46a3ae8fd3fc35d7bd9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d70a4a2a7922c9d02554ddf6fb2a4b4da58f003918251c6cbbadf9f6040878
c4ab1e75878be136902195ffa060c7627f882debc0e507d3748c83958b5e0293
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1588d95d6698b243c121f7494595dab7b220e285baf9917a942ded852f307d1
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d2caf811318d269bd28dce1ea50a314ceaec1e20bc05a2a1ca3ffbd280534c7c
d2ec7a12144a988f7b57d03ebe34441287beea498512f2262de9ba269c6baa7f
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919
d5ffb8aef851fbf4e52ae7523e046182dc7837cefc22f118ff715a4b8f130867
d60b84b7316948dc5d2c9c0e04cba3abcd0900169da2433f6923d8b116293376
d7f6b041eeb5b285adf64dee7391bd6a18fbde965a78985eb737e16da0a8ce41
d8300329d489464127469486667ead54ac1bdd6f27daec99b37e49696f1ceec1
da9d46dc7ae9a2c535b65a6bdf23b7f731bfe6733571fe87cd9655fca86bde08
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd8909252c52dfef05074dcac3a82cfc39a5bd431a45011ec7a205fd4d570b22
ddfd865e7f12769fb2bda5bcaa84657980cae7117acc679be6877a2d318909b5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0b365b4e93297ed7b4b20a2aabf3a32f791fb8cdfdd44ff06297968f0fba9ce
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57a30e2ef18d808a1afa350e0b33e22376ef7a5b341e7d791dbe6486f345882
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
e9136e02a14d3115090bf271dc333f977c9933456a8c47b2593eb706f959fc7a
e93b7d5fabcfdc7f2e7966b3d2cfa76f322cc60d65c35d9ae1cfa155431abe7c
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdcdc125d15eb772a0511057ab33b7462a0ae6ef4307d4f3d42d4b42a67b904
f129a1eeda59ae34fd2fa8019c1d8b08aae8d858ea76ae1e8ba23c70c75b6024
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b2c402fd409d42a6004166d6bb4072cce6256c4c95f7f071c5bcc359013386
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f897f04b20f4362748a67f889e2f0445841235bc7082a84f2bdf4ae559930f95
f90e7bd1d0187490f546431f0caa98a9109fe1c1024efd417acd98e38ee1dd73
fe16f6ce2698fde7c1103654b0b5d7f39541993822d0d5c92181c4dd629054bd

www.timesnownews.com Open in urlscan Pro 2a02:26f0:6c00::210:bb8a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

235 Requests

89 %HTTPS

53 %IPv6

49 Domains

97 Subdomains

80 IPs

12 Countries

3398 kBTransfer

10671 kBSize

59 Cookies

12 Outgoing links

Redirected requests

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.timesnownews.com Open in urlscan Pro
2a02:26f0:6c00::210:bb8a Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

89 %
HTTPS

53 %
IPv6

49
Domains

97
Subdomains

80
IPs

12
Countries

3398 kB
Transfer

10671 kB
Size

59
Cookies

235 HTTP transactions
3 data transactions