URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328...
Submission: On April 11 via api from US — Scanned from DE

Summary

This website contacted 64 IPs in 8 countries across 38 domains to perform 216 HTTP transactions. The main IP is 2a02:26f0:3500:894::1ac0, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.businesstoday.in. The Cisco Umbrella rank of the primary domain is 184276.
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 15th 2021. Valid for: a year.
This is the only time www.businesstoday.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
33 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 99.86.4.3 16509 (AMAZON-02)
2 92.122.147.28 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 15 142.250.185.130 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.175.55.208 14618 (AMAZON-AES)
1 23.32.59.34 16625 (AKAMAI-AS)
3 185.33.221.89 29990 (ASN-APPNEX)
1 2602:803:c004... 26667 (RUBICONPR...)
3 204.237.133.116 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.128 16509 (AMAZON-02)
1 99.86.4.55 16509 (AMAZON-02)
1 54.77.91.70 16509 (AMAZON-02)
2 8 2.20.157.55 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
2 2.20.156.240 16625 (AKAMAI-AS)
3 52.223.40.198 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
2 3 52.94.220.185 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 5 52.46.130.91 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 216.200.232.249 30419 (MEDIAMATH...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 216.52.31.49 29791 (VOXEL-DOT...)
1 1 3.228.229.208 14618 (AMAZON-AES)
1 51.75.146.199 16276 (OVH)
1 3.248.131.63 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
1 138.201.135.164 24940 (HETZNER-AS)
1 2 74.121.143.241 30419 (MEDIAMATH...)
1 95.101.184.254 16625 (AKAMAI-AS)
3 185.33.220.145 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
4 185.64.189.226 62713 (AS-PUBMATIC)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
1 4 138.201.63.150 24940 (HETZNER-AS)
1 2 142.250.181.230 15169 (GOOGLE)
1 88.99.70.21 24940 (HETZNER-AS)
216 64
Apex Domain
Subdomains
Transfer
33 tosshub.com
akm-img-a-in.tosshub.com — Cisco Umbrella Rank: 52602
292 KB
27 googlesyndication.com
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
238 KB
26 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
static.doubleclick.net — Cisco Umbrella Rank: 340
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 216945
286 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
350 KB
12 google.com
accounts.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
88 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com — Cisco Umbrella Rank: 567
token.rubiconproject.com — Cisco Umbrella Rank: 675
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
15 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
732 KB
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com Failed
t.pubmatic.com — Cisco Umbrella Rank: 4364
130 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1212
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
6 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
acdn.adnxs.com — Cisco Umbrella Rank: 597
cdn.adnxs.com — Cisco Umbrella Rank: 1424
ams1-ib.adnxs.com — Cisco Umbrella Rank: 7279
61 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
139 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 282
fonts.googleapis.com — Cisco Umbrella Rank: 46
jnn-pa.googleapis.com — Cisco Umbrella Rank: 272
62 KB
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 463
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
8 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1954
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3512
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3513
tracking.crazyegg.com — Cisco Umbrella Rank: 3461
32 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31596
hal90008.redintelligence.net — Cisco Umbrella Rank: 257050
8 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
tags.mathtag.com — Cisco Umbrella Rank: 2919
pixel.mathtag.com — Cisco Umbrella Rank: 1233
2 KB
5 intoday.in
recengine.intoday.in — Cisco Umbrella Rank: 138182
5 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
57 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
73 KB
2 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1132
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 723
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
1 KB
2 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 14939
50 KB
2 businesstoday.in
www.businesstoday.in — Cisco Umbrella Rank: 184276
65 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 51671
24 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
33 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
341 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
538 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1390
377 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
408 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2329
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1170
201 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
26 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
3 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1216
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
42 KB
216 38
Domain Requested by
33 akm-img-a-in.tosshub.com www.businesstoday.in
akm-img-a-in.tosshub.com
18 tpc.googlesyndication.com www.businesstoday.in
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
9 securepubads.g.doubleclick.net www.businesstoday.in
securepubads.g.doubleclick.net
www.googletagservices.com
9 www.youtube.com www.businesstoday.in
www.youtube.com
8 www.google.com 2 redirects www.businesstoday.in
www.youtube.com
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
7 pagead2.googlesyndication.com www.businesstoday.in
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
6 cm.g.doubleclick.net 3 redirects www.businesstoday.in
ssum-sec.casalemedia.com
6 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
5 s.amazon-adsystem.com 3 redirects www.businesstoday.in
ssum-sec.casalemedia.com
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
www.businesstoday.in
5 recengine.intoday.in www.businesstoday.in
recengine.intoday.in
akm-img-a-in.tosshub.com
4 hal90008.redintelligence.net 1 redirects www.businesstoday.in
hal90008.redintelligence.net
4 t.pubmatic.com www.businesstoday.in
ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 pixel.rubiconproject.com 2 redirects www.businesstoday.in
4 token.rubiconproject.com 4 redirects
4 jnn-pa.googleapis.com www.youtube.com
4 script.crazyegg.com www.businesstoday.in
script.crazyegg.com
3 ams1-ib.adnxs.com ads.pubmatic.com
www.businesstoday.in
cdn.adnxs.com
3 aax-eu.amazon-adsystem.com 2 redirects www.businesstoday.in
3 match.adsrvr.org www.businesstoday.in
ssum-sec.casalemedia.com
ads.pubmatic.com
3 hbopenbid.pubmatic.com ads.pubmatic.com
3 ib.adnxs.com ads.pubmatic.com
acdn.adnxs.com
3 sb.scorecardresearch.com 1 redirects www.businesstoday.in
3 www.google-analytics.com www.businesstoday.in
www.google-analytics.com
www.googletagmanager.com
2 8019191.fls.doubleclick.net 1 redirects www.businesstoday.in
2 googleads4.g.doubleclick.net www.businesstoday.in
2 www.googletagservices.com securepubads.g.doubleclick.net
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
2 tags.mathtag.com 1 redirects www.businesstoday.in
2 sync.mathtag.com 1 redirects www.businesstoday.in
2 a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 fonts.googleapis.com ajax.googleapis.com
client
2 ajax.googleapis.com www.businesstoday.in
hal90008.redintelligence.net
2 ads.pubmatic.com www.businesstoday.in
ads.pubmatic.com
2 cdn.izooto.com www.businesstoday.in
cdn.izooto.com
2 accounts.google.com www.businesstoday.in
2 www.businesstoday.in akm-img-a-in.tosshub.com
1 cdn.contentspread.net hal90008.redintelligence.net
1 s0.2mdn.net www.businesstoday.in
1 cdn.adnxs.com ads.pubmatic.com
1 pixel.mathtag.com www.businesstoday.in
1 hal9000.redintelligence.net www.businesstoday.in
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 adservice.google.de securepubads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com www.businesstoday.in
1 acdn.adnxs.com ads.pubmatic.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 fastlane.rubiconproject.com ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 ping.chartbeat.net www.businesstoday.in
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.chartbeat.com www.businesstoday.in
1 static.doubleclick.net www.youtube.com
1 www.google.de www.businesstoday.in
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.businesstoday.in
0 image6.pubmatic.com Failed ads.pubmatic.com
216 71
Subject Issuer Validity Valid
www.aajtaklite.com
GeoTrust RSA CA 2018
2021-12-15 -
2023-01-03
a year crt.sh
accounts.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-08 -
2023-04-08
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
www.google.de
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA
2020-07-26 -
2022-07-23
2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.google.de
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.id5-sync.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
redintelligence.net
R3
2022-03-29 -
2022-06-27
3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2022-04-22
2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
contentspread.net
R3
2022-03-31 -
2022-06-29
3 months crt.sh

This page contains 19 frames:

Primary Page: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Frame ID: 0B64E0200A4D73D2F77C23B2450B1D06
Requests: 87 HTTP requests in this frame

Frame: https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
Frame ID: 10C914F9BBBD408CDE02CDD4CA11F5D0
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fyOb7dDQiuY
Frame ID: B6A9ECD29C15A2459297416629E740B4
Requests: 20 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: F27F90578E5F9A52A6AA396922A5573D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0C34196A7196D72542854B22AE08E426
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A16441E5E170F2890D8083E61A1A55FF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3403DBD5AF2053699256667DEC4EA76C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C73A7DD4C6D2B6C6FD337B59BCA56F01
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 33CA52572C3F2793E6EFBD53A0F54DD1
Requests: 10 HTTP requests in this frame

Frame: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 783C84825169D6FB53E5BDB6676EF940
Requests: 1 HTTP requests in this frame

Frame: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E843EC63DDBDF6528694E2F239095428
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 25671047626D9B338AB7F40BC3313A4F
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOvBBoRdKP77CAZWhODiEfcC90elRx1QrAwQ371JxFRNSE7BhO1Hd7Gp0bDJCqfd5h-EAeOJZUdemh8mtHs32qMGSImy2bLaqcGxxOhUTdTnS_wPX8PDang2PF-rqQJDlXQGWhT1JwCPX_epTt67C0NI5z8VV3PWX948h2fymjdQ8ZPlc-9f8db2CvLK8tZRYTWrc9YEiX5CM19W8_B29r6LXxmgCrTEfLulyCxiozT3yuqMXU9-PaKRTYY0vP_tZfVBS0nMGVghXF5c9gbISjNjrzUdgC7p6ANs2ZT_9rSLzQ_bp_zjMXHqdLS2DX59HYG0ZLNo8KlcQ2AI86pQpniBrWnA&sig=Cg0ArKJSzF0POiparxeLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ACF8488F1F8D134EEC0BCB73B47A3357
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: C32CDEBAE779AF8CEAC5EFD4A551BECA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: E305245AF96C449D9034E6F07AB37B6F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjunu3BATAB&v=APEucNXFunX_SKJXoyGphGeZ9XikA4dqD5wb7uYY_xBnw6-pLE-s0FcSZ_cHtwLdYXO_PGUuhw4jJN6ulKEhf_3VD6NusEK6cw
Frame ID: 9CF40B1B17A75F1484BF768A33EDEF3B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 26E21E3DF75DCCF470BAB2FDA9E13C15
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117
Frame ID: 394E40DBC38C6A26F34CD3BB297E0D9B
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
Frame ID: DEC19892E7C589A225119BA0F35C2227
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Your Android phone may be next target of new malware associated with Russia - BusinessToday

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

216
Requests

90 %
HTTPS

52 %
IPv6

38
Domains

71
Subdomains

64
IPs

8
Countries

2835 kB
Transfer

8242 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://sb.scorecardresearch.com/b?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%20BusinessToday&c7=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%20BusinessToday&c7=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&c9=
Request Chain 47
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 111
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 113
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDExMmFlODQwMjk1YTUxN2Y0ODdjZGU4NzY4Nzc5ZjJhMzMwYWQ0MQ
Request Chain 114
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7cd-5IxHQCCZfTiPpvSGeA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7cd-5IxHQCCZfTiPpvSGeA
Request Chain 115
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UY9LJC-P-IQXH&sigv=1&esig=2~00074e30b565d94d4a69c39bfb98a60e3f5ade55
Request Chain 116
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVWTlMSkMtUC1JUVhI
Request Chain 117
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EASN7cXoq112mJbPM0yjHg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=545040011050497949
Request Chain 118
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2pDfl-27RCyLiP7LIHkVUg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2pDfl-27RCyLiP7LIHkVUg
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgIFMuC7e1QF1LdhAWiqEc&google_cver=1
Request Chain 124
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB&dcc=t
Request Chain 127
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlRcGYxuwX0nuaICePq77AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHerI2DKFYLPIZbK-UQXaSA&google_cver=1&gdpr=1
Request Chain 128
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95f06254-5c19-4900-bbc0-e258daeeafd7&gdpr=1&gdpr_consent=
Request Chain 131
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb4a333f-d62d-4c2d-a76b-2cc6a251c93e&expiration=1681231769
Request Chain 147
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRVeVpUZGpNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI1OTk0ODk3NTY1NjIyMzEvNjYyMjQwMS80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUDU4YktQdWt4Y3hfWGEtRlhRZUE4RnMvMS8xMy8wLzAvOTU2ODAzLzM2NDk3NDk2NjcvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzUxMjI1OTk0ODk3NTY1NjIyMzEvYW1zLzAvMTYwNS83OC85OTkvMzIyLzIxNy4xMzguMTk0LjAvMC4wMDAvMTY0OTY5NTc2OC8xNjQ5NzA4MzY4LzEzLzk0NjAv/vq8RSw4a6GRRBQW0ZE9Zi36mylQ&nodeid=3148&group=cdg&auctionid=5122599489756562231&shardkey=5122599489756562231&sid=4562312&cid=6622401&bp=a_bahafd&nfy_act=LD5wew&bfip=185.29.132.39&type=imp&client=c2s HTTP 302
  • https://sync.mathtag.com/sync/img?sync=auto&source=bidder&mt_lim=1&type=1,2
Request Chain 194
  • https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ancestorOrigins=https%3A%2F%2Fwww.businesstoday.in&random=6951195661420&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ancestorOrigins=https%3A%2F%2Fwww.businesstoday.in&random=6951195661420&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 206
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117

216 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05
www.businesstoday.in/technology/story/
210 KB
58 KB
Document
General
Full URL
https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
40d945676c751eb896b8fcf330573d2beab64fdcadb74624606c4414ed21207b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache
content-encoding
gzip
content-length
59265
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 16:49:27 GMT
expires
Mon, 11 Apr 2022 16:49:27 GMT
itgd-akmttl
2592000 public
itgd-ittl
2592000 public
pragma
no-cache
vary
Accept-Encoding
x-backend
Yes
x-cache-hits
0
x-frame-options
SAMEORIGIN
x-varnish
588524
menu-white-logo.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
2 KB
2 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/menu-white-logo.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
25132b45d865d91cf834922bd594f2d2d0448512924f6fc905c11bfb26adf165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
x-check-cacheable
YES
x-serial
212
etag
"e632ef5baff881ef3def726f4970f93f"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
last-modified
Wed, 09 Jun 2021 06:21:04 GMT
content-length
2004
server
Akamai Image Manager
expires
Tue, 12 Apr 2022 04:49:27 GMT
logo.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
3 KB
4 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/logo.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
99bb5faa9615340d1ec91fc1de173d8d6bd2ccdb19a93e9714cd042013c3e831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Thu, 18 Nov 2021 06:22:32 GMT
server
Akamai Image Manager
etag
"16ed545e532949822bfed7c5ffdc6bb4"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
3444
expires
Mon, 02 May 2022 06:23:51 GMT
default.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
2 KB
2 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/default.png?size=948:533
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2376d8cb428c2af90520bb2d02bf54dd09a500ac57d31ea487157d224f42002e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Thu, 02 Sep 2021 15:20:13 GMT
server
Akamai Image Manager
etag
"166ed98c1cc913a834e7be84fded4339"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
2240
expires
Fri, 06 May 2022 15:27:18 GMT
js_recengine_bt.js
recengine.intoday.in/static/js/
15 KB
4 KB
Script
General
Full URL
https://recengine.intoday.in/static/js/js_recengine_bt.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b34abdfeadd6cb6c90d36cd04a92d10e4f1c7611c2f82c134a05f51d22a9ff77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 09:13:24 GMT
server
Akamai Resource Optimizer
etag
W/"1648285866.0-15641-2203785761"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=43200
content-length
4036
expires
Tue, 12 Apr 2022 04:49:27 GMT
trinity-min.js
akm-img-a-in.tosshub.com/sites/player/media/trinity/
4 KB
2 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/sites/player/media/trinity/trinity-min.js?v=26082021
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c11cb2c6c64f64bcc10ce5465a02099c66ca774e79647046afed52774d06e679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
ZWilhTqrv7K68Dn86U6yMiv6mPW0ntQk
content-encoding
gzip
etag
"cc6353d35a9c0e6fcccc57186b9920a8"
x-amz-request-id
18EXMP91BS6C72GA
x-amz-meta-cb-modifiedtime
Thu, 26 Aug 2021 15:06:42 GMT
x-amz-replication-status
COMPLETED
content-length
1424
x-amz-id-2
ICFs88QdnuBDZgGpTBNX1kyuoLVq8tupsLfM3mSBPumfLOF4f6a96EKIBULDkHnTDGCcaCXRLkk=
last-modified
Thu, 26 Aug 2021 15:10:12 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1296000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 16:49:27 GMT
rss-icon.png
akm-img-a-in.tosshub.com/sites/mailer/
528 B
767 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/sites/mailer/rss-icon.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
db654d72138b7b3b225eddad5517641279cff0c56bd23ffe5e05f198853cab3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Mon, 07 Jun 2021 12:05:39 GMT
server
Akamai Image Manager
etag
"b340113ff81d42bf988746d6930f9cb3"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=1296000
content-length
528
expires
Tue, 26 Apr 2022 16:49:27 GMT
youtube-icon.png
akm-img-a-in.tosshub.com/sites/mailer/
476 B
714 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/sites/mailer/youtube-icon.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
78039c286cb0c22c87f8fa3b1997dfc78151e6852989ab465db5bc9616574f29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Mon, 07 Jun 2021 12:05:41 GMT
server
Akamai Image Manager
etag
"39369dc2f0aa6534a8c8a812279d3035"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=1296000
content-length
476
expires
Tue, 26 Apr 2022 16:49:27 GMT
jquery.mCustomScrollbar.css
akm-img-a-in.tosshub.com/businesstoday/resource/css/
42 KB
4 KB
Stylesheet
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/css/jquery.mCustomScrollbar.css?v=11112021-54
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
uexYxCy4oDQT52CfLo28S2IyYh4hcKZF
content-encoding
gzip
etag
"cbcf66b061469a47cc0c9265e4caa3fc"
x-amz-request-id
47XST1G8X1FKW7FN
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
3988
x-amz-id-2
wAL795PIcvZ1Q1Bt7dauQZd8Y8TyrBLbfK+YO6rSisbWG1dMLYSIOWr5ZmEjIRx4GhDBIy1YG9w=
last-modified
Tue, 25 May 2021 06:18:40 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
footer-pg.css
akm-img-a-in.tosshub.com/businesstoday/resource/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/css/footer-pg.css?v=11112021-54
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2acbf4a77fc8756062b3a78fa5f0f91ae5bceba0c580d506257bc179c1c28a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
5GjF7VBuc6ffec_dc38N2aeEf2ubs5cm
content-encoding
gzip
etag
"fce0e93933707d157fbc854a182099b2"
x-amz-request-id
47XZ3RBD7VK517V7
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
1485
x-amz-id-2
h+ypAyJjLraeRGoyrVuPhC9jDKbwX6Zi/rcGC4x9PmtkNUk8QVewf04FaixsIgIe7PM6qZz8ho0=
last-modified
Tue, 25 May 2021 06:18:40 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
jquery-3.5.0.min.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
87 KB
31 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/jquery-3.5.0.min.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Y8zZ2NUyi_QlYaojFC5fZrqW2nGrsY4D
content-encoding
gzip
etag
"12108007906290015100837a6a61e9f4"
x-amz-request-id
C3ZC6FSW0EERFFV7
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
30951
x-amz-id-2
z9ZPpdv3m0MgE3Yw03pDDdjPCodbmNfmV3q56fPNE2JHm9JXGAbXBZR3OAbIfnUpLjAptqBz7r4=
last-modified
Tue, 25 May 2021 06:13:27 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
lazysizes.min.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
7 KB
4 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/lazysizes.min.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
C34NyMFvU9faJIIhKg8la6qyMh_rpCRY
content-encoding
gzip
etag
"0812d0f17b90a4aefd97bb91085ad252"
x-amz-request-id
C3Z8C03ASPP9SQ4S
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
3378
x-amz-id-2
ehknSZ+zIQcoNNfZFY63cPMuqF7FjZPqeOLYiq9uf/PGSc0N0yJqjJyo0R14Td8BdxFV2XnkH00=
last-modified
Tue, 25 May 2021 06:13:27 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
jquery.mCustomScrollbar.concat.min.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
44 KB
13 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/jquery.mCustomScrollbar.concat.min.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
nVC2FQhDW1H5KbfIaSDhxZxrHtAsZgku
content-encoding
gzip
etag
"42a368e95b4a38989c8984c672d29ec0"
x-amz-request-id
C3Z6B2A6E9KHNV2Q
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
12940
x-amz-id-2
d5XbtjS9JW+79lePM1IMUqdPky9X76jpuCxMQIBVAsFtAacrxKXJOZJvUC3MbVon8GfEg0CNqD4=
last-modified
Tue, 25 May 2021 06:13:28 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
script.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
15 KB
4 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/script.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbd1ee1a8f65a79557da9f34938083f8e92d94da746b279723b16133e5049bc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
5F4jIG2R7UsAlXI7JSxYb2eRzecxYiER
content-encoding
gzip
etag
"fd43216801a41f960795538b17d7503d"
x-amz-request-id
C3Z0N2YF8SJSXHC8
x-amz-meta-cb-modifiedtime
Wed, 12 Jan 2022 14:33:53 GMT
x-amz-replication-status
COMPLETED
content-length
3439
x-amz-id-2
v8JRijZIEOpKLVhLumhTAZ5HEZkmbwcmvOBLKzxKaQWiQInWwpSPtNLxCax89Ocn1rxBLfN87Kc=
last-modified
Mon, 21 Mar 2022 10:03:03 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
swiper.min.css
akm-img-a-in.tosshub.com/businesstoday/resource/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/css/swiper.min.css?v=11112021-54
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8657b6a85995ea86f4e8b2cd084095476f54c13dd6a684010b1528ad79b086ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
u2xSmJfw9P6kXcws6hikxQ.OQGV2Kq6G
content-encoding
gzip
etag
"f26bf4619f64fd31bffaab301793fd6e"
x-amz-request-id
47XPTG2W4P34HR70
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
2693
x-amz-id-2
2FZwxWM3ct80Oy4PP5cFvRU6dMlM+M2spOpibS7FM2+U1eKZI2LkVWd7RQy8cxA+hrliJsTiyXE=
last-modified
Tue, 25 May 2021 06:18:41 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
swiper.min.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
125 KB
33 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/swiper.min.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
SjX_6OLaG7EV._cB8amYaBHCt2px1sq7
content-encoding
gzip
etag
"53fc0155c6c3cb55f34b749325ebb370"
x-amz-request-id
C3ZCGG61S2D22TPQ
x-amz-meta-cb-modifiedtime
Mon, 24 May 2021 15:10:50 GMT
x-amz-replication-status
COMPLETED
content-length
33302
x-amz-id-2
yqbZOD6ytUBGrF3c75dkWuJUr1UStjy3uVxqeiBVQ7GilO4/LhLiEE7jXRsy6a1tyk6/ShUAxSU=
last-modified
Tue, 25 May 2021 06:13:27 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
client
accounts.google.com/gsi/
182 KB
73 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16e35c56efa545782c446eb31b3c9fba6a8dcfbbd3ee3aea81e199953f845940
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YLlOqrYynI694oqc1BJlKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YLlOqrYynI694oqc1BJlKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires
Mon, 11 Apr 2022 16:49:27 GMT
gdpr_changes.min.js
akm-img-a-in.tosshub.com/sites/common/js/gdpr/
7 KB
3 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_changes.min.js?v=1.1
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6edf3e83cbcec12731cf5e9640f27de793eb0b1d256fb3e2ce5769875f5f5016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
RtKDPr0vUGx538_43awislcy8NVFas1n
content-encoding
gzip
etag
"781d233508813ef8fc231c19e1175d6b"
x-amz-request-id
BD552E3120763A51
x-amz-meta-cb-modifiedtime
Fri, 16 Aug 2019 11:24:56 GMT
x-amz-replication-status
COMPLETED
content-length
2554
x-amz-id-2
o7uilxdfSk2z5K6+2JDM5wZIeLttBJlgbhuR6tLfe3PjH7TnbOYsEkFTTYgEgJ8UTWYyn62WM0U=
last-modified
Fri, 16 Aug 2019 11:25:59 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1296000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 16:49:27 GMT
4822.js
script.crazyegg.com/pages/scripts/0022/
5 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0022/4822.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3c6bb58280a9f49e213bd2f184b3ec062f79caf4bdb71a9427ebe780064d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
265663
cf-polished
origSize=5359
cf-ray
6fa537330ae50dfe-MXP
ce-version
11.1.403
last-modified
Fri, 08 Apr 2022 15:01:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
842341e48cf7d47c2f34a6915eacf3497270ed76.js
cdn.izooto.com/scripts/
1 KB
958 B
Script
General
Full URL
https://cdn.izooto.com/scripts/842341e48cf7d47c2f34a6915eacf3497270ed76.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5b201a55b7a54cc436c5aa79ed2aa8f117e38e68dec01ddb00cdb36aa67f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1822267
x-xss-protection
1; mode=block
last-modified
Tue, 02 Feb 2021 10:05:28 GMT
server
cloudflare
etag
W/"601923e8-41e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 12 May 2022 16:49:27 GMT
cache-control
public, max-age=2678400
cf-ray
6fa53732fbb5374a-MXP
cf-bgj
minify
bt-logo-35.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/logo/
302 B
553 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/logo/bt-logo-35.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
498f34c0db7c4019cbdedd7ad7b10b03a757c144526f6cf48a3004abdcfe3b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
x-check-cacheable
YES
x-serial
1280
etag
"99df08db45f282b853ad519ec5afcfc0"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
last-modified
Wed, 29 Dec 2021 13:08:25 GMT
content-length
302
server
Akamai Image Manager
expires
Tue, 19 Apr 2022 13:08:59 GMT
player-cross-comm.js
akm-img-a-in.tosshub.com//sites/player/media/
1 KB
927 B
Script
General
Full URL
https://akm-img-a-in.tosshub.com//sites/player/media/player-cross-comm.js?v=11112021-54
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de826da05f2e54f8fe37923f9f73961558284163e3c1813878c2cf5a03d7dc66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
9dbkRJ6.NZczbfa6bZ596WQLPEUDxocR
content-encoding
gzip
etag
"3279e90c3d7c643a3d5c800facb72aab"
x-amz-request-id
47XRC7V213C6NWP4
x-amz-meta-cb-modifiedtime
Fri, 05 Jun 2020 13:16:55 GMT
x-amz-replication-status
COMPLETED
content-length
467
x-amz-id-2
2US2JxZgfPal94I6pYA2pME2phhhETvWcnWcWgY8UeXACLI2PG/7zwdelTP/ll0umcnpI1VOMJM=
last-modified
Fri, 05 Jun 2020 13:22:29 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1296000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 16:49:27 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1936
date
Mon, 11 Apr 2022 16:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Apr 2022 18:17:11 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:13:55 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
48936
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
CRtBl9j2t0_SkBV87KAWUZ0SZtRSzCjryRvP7gSCMG7Wc4q8f2OQcw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156066/550/
365 KB
111 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c3c7fb03e1ddbd9a33d9c91db10b8820e0260e265165630e9adcba6808a02b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 15:07:09 GMT
server
Apache/2.2.15 (CentOS)
etag
"1400d65-5b445-5d71e7d01ad13"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=46347
accept-ranges
bytes
content-type
text/javascript
content-length
113235
expires
Tue, 12 Apr 2022 05:41:54 GMT
gtm.js
www.googletagmanager.com/
117 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M57NDHZ
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fb81ca8b101a61c74c3eabd324dff14282581888d1adc4a4c6d1d314157ddc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43016
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 16:15:05 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Apr 2022 16:49:27 GMT
crypto2.html
akm-img-a-in.tosshub.com/mislenious/banner/conclave/ Frame 10C9
1 KB
991 B
Document
General
Full URL
https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26ad50c5c8eb132fdf7e17a607f91351453d5f9abcad27d55e71006a1ffc913e

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
content-encoding
gzip
content-length
576
content-type
text/html
date
Mon, 11 Apr 2022 16:49:27 GMT
etag
"1cf88b2ac6f1b57d29a5b39fc4b31052"
last-modified
Thu, 24 Mar 2022 11:01:52 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
XFeIh+wVuj+XfXIU79dpqEdg4cTM1Nn71G8fFxFmNFj68Fl3xOaSIMkH1gjLULHqO7HmoIZe+gE=
x-amz-meta-cb-modifiedtime
Thu, 24 Mar 2022 11:01:22 GMT
x-amz-replication-status
COMPLETED
x-amz-request-id
6YDARK00YSMRT5F9
x-amz-version-id
rcEystMCYaO4NTC8EWaEbZO8lvnw10xf
fyOb7dDQiuY
www.youtube.com/embed/ Frame B6A9
61 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/fyOb7dDQiuY
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52adda577f454b0cd3cf5c53729295990e852cecbf612d9b52a39afb62fdf26f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 11 Apr 2022 16:49:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/
16 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:56:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6490
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 09:56:31 GMT
bt-text-img.png
akm-img-a-in.tosshub.com/sites/mailer/
3 KB
3 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/sites/mailer/bt-text-img.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0ffb113993e253be3eec2efc880455e05037f1a3d35f666c880671ef4fece280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Mon, 07 Jun 2021 12:05:41 GMT
server
Akamai Image Manager
etag
"02373cc6c3fa236d9b619a3464a41cc1"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=1296000
content-length
2668
expires
Tue, 26 Apr 2022 16:49:27 GMT
collect
www.google-analytics.com/j/
4 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1311914944&t=pageview&_s=1&dl=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ul=en-us&de=UTF-8&dt=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%20BusinessToday&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1256814101&gjid=578636365&cid=713257619.1649695769&tid=UA-795349-14&_gid=82590303.1649695769&_r=1&_slc=1&cd1=Shubham%20Verma&cd2=technology&z=3040575
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-795349-14&cid=713257619.1649695769&jid=1256814101&gjid=578636365&_gid=82590303.1649695769&_u=YEBAAEAAAAAAAC~&z=844318645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Apr 2022 16:49:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/3b5d5649/ Frame B6A9
346 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/3b5d5649/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47442
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Apr 2023 11:36:55 GMT
www-embed-player.js
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame B6A9
278 KB
86 KB
Script
General
Full URL
https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:47:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
28919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87898
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Apr 2023 08:47:28 GMT
base.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame B6A9
2 MB
525 KB
Script
General
Full URL
https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
352399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
537836
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:08 GMT
fetch-polyfill.js
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame B6A9
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 05:05:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
42236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Apr 2023 05:05:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B6A9
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
538282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 11:18:05 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%20BusinessToday&c7=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&c9=
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
MwPSDHkldrc4wQV6AfHeknMGdTtQdHDPvjSbhejJdhPwvMGTN-Zu3A==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=8549097&ns__t=1649695768967&ns_c=UTF-8&cv=3.5&c8=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia%20-%20BusinessToday&c7=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&c9=
date
Mon, 11 Apr 2022 16:49:27 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
CgdU_x-hDs_f90TtQfjxlbwu5vKGmZoiWhDx1OhdiTJG3EWvoTvFbA==
x-cache
Miss from cloudfront
getmixarticles
recengine.intoday.in/recengine/bt/
291 B
373 B
XHR
General
Full URL
https://recengine.intoday.in/recengine/bt/getmixarticles?model=BT&utm_source=recengine&utm_medium=web&content_id=328668&count=10&login_id=&src=story&target=story&uid=
Requested by
Host: recengine.intoday.in
URL: https://recengine.intoday.in/static/js/js_recengine_bt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
50608a903ebd6a878462bb7dd03e64d1aecb413d086fd77e2476e582a6adf6c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Apr 2022 16:49:27 GMT
server
nginx
content-length
291
content-type
text/html
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42e7de41a233cfcdd7d8e6b129d36836d23ac94f15c689bba604150941bd509e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 16:32:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Apr 2022 16:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Apr 2022 16:49:27 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-795349-14&cid=713257619.1649695769&jid=1256814101&_u=YEBAAEAAAAAAAC~&z=1410563976
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-795349-14&cid=713257619.1649695769&jid=1256814101&_u=YEBAAEAAAAAAAC~&z=1410563976
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
26fccb658a45dcf76062e830e2ff552f4dc79c3add33db4dbc6b36ed4fc297a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28397
x-xss-protection
0
server
sffe
etag
"1184 / 612 of 1000 / last-modified: 1649675564"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Apr 2022 16:49:27 GMT
optimize.js
www.google-analytics.com/gtm/
95 KB
37 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-N6LMVBH
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M57NDHZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4709716119a7428d27db284884cd50414a6510baae565aba79e949adfb0ce3de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37573
x-xss-protection
0
expires
Mon, 11 Apr 2022 16:49:27 GMT
cssp.js
akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/
97 KB
30 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f15ad02b2ddf09e38a5a8b555d56f3df517799a276bc3c50cadbb6b2b8ef1bf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
8dspjT3Q9QgyWM17QDX0EDUJvQvOmeVv
content-encoding
gzip
etag
"e0e5020156288e92205ce8d558436c0d"
x-amz-request-id
WTK8G6M5GWEQWC2E
x-amz-replication-status
COMPLETED
content-length
30436
x-amz-id-2
TkLPcR4qLacv7myOwJAS68cpUwEXbncGe+JAbzYGCvA948w9NlIeHITxQ1htekT87EWnWrX1IgE=
last-modified
Thu, 03 Jun 2021 06:43:26 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:media/uname:media/gid:1003/mode:33188/mtime:1593701832/atime:1622670054/md5:e0e5020156288e92205ce8d558436c0d/ctime:1593701832
date
Mon, 11 Apr 2022 16:49:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=1296000
accept-ranges
bytes
expires
Tue, 26 Apr 2022 16:49:27 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
497037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:45:30 GMT
crypto_strip_lg.jpg
akm-img-a-in.tosshub.com/mislenious/banner/conclave/ Frame 10C9
32 KB
32 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto_strip_lg.jpg
Requested by
Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
327be9b1cbcca51410216533c9ac4410ac4eb11c5d81d86e57eaba40496875aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Thu, 24 Mar 2022 07:32:53 GMT
server
Akamai Image Manager
etag
"83f9b74d689edd543fb63ca34206e803"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
content-length
32922
expires
Tue, 12 Apr 2022 04:49:27 GMT
crypto_strip_sm.jpg
akm-img-a-in.tosshub.com/mislenious/banner/conclave/ Frame 10C9
12 KB
12 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto_strip_sm.jpg
Requested by
Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5f5f021602b67755898f4138b0c263451dbc3d7b50d11ed6239975f2c456d90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://akm-img-a-in.tosshub.com/mislenious/banner/conclave/crypto2.html?ver=1.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
last-modified
Thu, 24 Mar 2022 07:33:56 GMT
server
Akamai Image Manager
etag
"54f24cd6ee9580b425fece83dafd3131"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
content-length
12286
expires
Tue, 12 Apr 2022 04:49:27 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B6A9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a7519c1d48faca976b1c6f9e3a9091cd35e3c93ae07389835a293448e2a1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 11 Apr 2022 16:49:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B6A9
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:38:11 GMT
x-content-type-options
nosniff
age
676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 16:53:11 GMT
service-worker.js
www.businesstoday.in/ Frame
0
0

chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d7:400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:26:19 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 04:15:35 GMT
server
nginx
age
1388
etag
W/"62297b67-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d75767e25d58a643b0b793855f4459c8.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
BRU50-C1
x-amz-cf-id
dEe2Kzb7WgtkBkcvfT4_TUFXu3T9-FK5K7EkjU-fDK3kd-rHt6pYBA==
expires
Mon, 11 Apr 2022 18:26:19 GMT
izooto.js
cdn.izooto.com/scripts/sdk/
197 KB
49 KB
Script
General
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/842341e48cf7d47c2f34a6915eacf3497270ed76.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21bb37935fef9773d655a8cbd7e2d1d12a74aa5b96d59025997b8336d9327c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11432
x-xss-protection
1; mode=block
last-modified
Mon, 11 Apr 2022 13:37:29 GMT
server
cloudflare
etag
W/"62542f19-312a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 12 May 2022 16:49:27 GMT
cache-control
public, max-age=2678400
cf-ray
6fa537359a1a374a-MXP
cf-bgj
minify
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 11 Apr 2022 16:49:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B6A9
45 KB
22 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c859afdf0d25e53253cd00a23c0a8b11a04c4c8b80bd803dfe1a2ef1a13d1c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22272
x-xss-protection
0
remote.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame B6A9
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
352398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37727
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:09 GMT
o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js
www.google.com/js/th/ Frame B6A9
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 06:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
296011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13688
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 06:35:56 GMT
embed.js
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame B6A9
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
352399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8162
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 00:23:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Apr 2023 14:56:09 GMT
ScrollCarousel.js
akm-img-a-in.tosshub.com/businesstoday/resource/js/
7 KB
2 KB
Script
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/js/ScrollCarousel.js?v=21032022
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eab9cf5fee7703c6c5c38821f4dca5a7c867c8ebffd835581255f9211b753f9a

Request headers

Referer
https://www.businesstoday.in/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VxdZve7AubX8YXZtUqbxAR3qZNK6gtEu
content-encoding
gzip
etag
"82b51978b02bb5021cf7a81ea363dd85"
x-amz-request-id
85ZBWQVFWHX8MW5K
x-amz-meta-cb-modifiedtime
Fri, 18 Jun 2021 08:58:11 GMT
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-length
1946
x-amz-id-2
hR/taBcw6sMBt5nmDIjCf8gLh7wkwPb3BkpSPiVpppegs4m3sKSdUdDIdBhRat+8w8bKNCdHYuY=
last-modified
Fri, 18 Jun 2021 08:59:26 GMT
server
AmazonS3
date
Mon, 11 Apr 2022 16:49:28 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
pubads_impl_2022040501.js
securepubads.g.doubleclick.net/gpt/
369 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:42:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128191
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 11:42:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
380 B
202 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.businesstoday.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f054ffbc9c3b84e278fb0671492dbeb26ef5039db02537f9307aea925a02c2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
177
x-xss-protection
0
expires
Mon, 11 Apr 2022 16:49:28 GMT
truncated
/ Frame B6A9
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
DiVkvwde3an_u-i4yg6GO9VPnxjZxuaMALCpQaoO0j7SHlROx0F_RnrV2DQtpPmJqVsXVAS-8Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B6A9
2 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/DiVkvwde3an_u-i4yg6GO9VPnxjZxuaMALCpQaoO0j7SHlROx0F_RnrV2DQtpPmJqVsXVAS-8Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ce27cb2315b299a5392b7b46bd80ce2fb2964fa26dea47043889d5599fe5e553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:51:52 GMT
x-content-type-options
nosniff
age
14256
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2261
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 23 Nov 2021 10:43:29 GMT
hqdefault.jpg
i.ytimg.com/vi/fyOb7dDQiuY/ Frame B6A9
26 KB
26 KB
Image
General
Full URL
https://i.ytimg.com/vi/fyOb7dDQiuY/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/fyOb7dDQiuY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a7a842996691268c0e2a55b63c8f76f87f0336a95cca98b24d399959e03c693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:04:42 GMT
x-content-type-options
nosniff
age
2686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26501
x-xss-protection
0
server
sffe
etag
"1643970957"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 11 Apr 2022 18:04:42 GMT
androidphone_05042022-original.jpg
akm-img-a-in.tosshub.com/businesstoday/images/story/202204/
82 KB
83 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/images/story/202204/androidphone_05042022-original.jpg?size=948:533
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2a13bdadbd947de81c093369bf09d9eef0902b1ab5941f9497d6d796b19fc7ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
x-check-cacheable
YES
x-serial
702
etag
"d8b7e09fbe3959c80e0a42b3539543ea"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
last-modified
Tue, 05 Apr 2022 13:46:45 GMT
content-length
84150
server
Akamai Image Manager
expires
Tue, 12 Apr 2022 04:49:28 GMT
css
fonts.googleapis.com/
11 KB
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Apr 2022 16:49:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Apr 2022 16:49:28 GMT
gdpr_status.txt
akm-img-a-in.tosshub.com/sites/common/js/gdpr/
6 B
153 B
XHR
General
Full URL
https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_status.txt
Requested by
Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_changes.min.js?v=1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e82756cab7fba4593496e132a6e1c70ee5f6deaf020dfa4404ac2baf3aff5f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Apr 2022 16:49:28 GMT
cache-control
max-age=1296000
expires
Tue, 26 Apr 2022 16:49:28 GMT
content-length
6
access-control-allow-methods
GET,POST,PUT
content-type
text/html
4822.json
script.crazyegg.com/pages/data-scripts/0022/
14 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0022/4822.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0022/4822.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c74efceab763fcfc9203970ada423a9c3b4ba399a1f65e1d3dc22b51ccca64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
265674
ce-version
11.1.403
content-length
1926
timing-allow-origin
*
last-modified
Fri, 08 Apr 2022 15:01:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6fa537370aba0f66-MXP
tp2
recengine.intoday.in/collector/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.businesstoday.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.businesstoday.in
content-length
366
content-type
text/html
date
Mon, 11 Apr 2022 16:49:28 GMT
tp2
recengine.intoday.in/collector/com.snowplowanalytics.snowplow/
0
0

efidwq
recengine.intoday.in/recengine/info/
28 B
257 B
XHR
General
Full URL
https://recengine.intoday.in/recengine/info/efidwq
Requested by
Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
04be4f23e1135a2993e7a58d5e23a4868f331c1c9cd3f09482f054ac0006f4d7

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:28 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.businesstoday.in
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
28
expires
Mon, 11 Apr 2022 16:49:28 GMT
efidwq
recengine.intoday.in/recengine/info/ Frame
0
0
Preflight
General
Full URL
https://recengine.intoday.in/recengine/info/efidwq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.businesstoday.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type Content-Type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.businesstoday.in
allow
HEAD, POST, OPTIONS, GET
cache-control
max-age=0, no-cache, no-store
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 11 Apr 2022 16:49:28 GMT
expires
Mon, 11 Apr 2022 16:49:28 GMT
pragma
no-cache
server
nginx
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=businesstoday.in&p=%2Ftechnology%2Fnews%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-1933723-2022-04-05&u=D61LAtCL8REvgokIh&d=businesstoday.in&g=60355&g0=technology&g1=Shubham%20Verma&n=1&f=00001&c=0&x=0&m=0&y=4220&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=994&_x=rssfeed&t=Che6Q2BfFx9KC0gg25D1j8OJ84uqm&V=129&i=Your%20Android%20phone%20may%20be%20next%20target%20of%20new%20malware%20associated%20with%20Russia&tz=0&sn=1&sv=s_Lv6DLYbfuC1UWXNBpJg-EC4asBH&sd=1&im=064b0c53&_
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-55-208.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
style
accounts.google.com/gsi/
657 B
441 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.UvM_vu0lnyM.O/am=Qg/d=1/rs=AF0KOtUGgzUzoBi7rnLvAFJ7qBm-1amfTQ/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a36953d8c9c0e8b19dc478d9bbcf13312609437b21eed3301f50eb0db0d14ac
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-5FsQ6y5dlDnHVeOttoPZ+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-5FsQ6y5dlDnHVeOttoPZ+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires
Mon, 11 Apr 2022 16:49:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 05:33:18 GMT
x-content-type-options
nosniff
age
472570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Apr 2023 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
510579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options
nosniff
age
506493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.businesstoday.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:37:56 GMT
x-content-type-options
nosniff
age
519092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 16:37:56 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame F27F
0
0

11.1.403.js
script.crazyegg.com/pages/versioned/common-scripts/
80 KB
26 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0022/4822.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 15:34:49 GMT
server
cloudflare
age
282940
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6fa537378b300dfe-MXP
content-length
26410
ros-right
www.businesstoday.in/ajax/
36 KB
7 KB
XHR
General
Full URL
https://www.businesstoday.in/ajax/ros-right
Requested by
Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/businesstoday/resource/js/jquery-3.5.0.min.js?v=21032022
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
56117a981225a9b337ac853ac759925fbe6356c153fc432ab81b0a2d56cceacf

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:28 GMT
itgd-akmttl
1800 public
itgd-ittl
1800 public
x-backend
Yes
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0, no-cache
x-varnish
12742305
x-cache-hits
0
accept-ranges
bytes
content-encoding
gzip
content-length
6516
expires
Mon, 11 Apr 2022 16:49:28 GMT
cygnus
htlb.casalemedia.com/
36 B
336 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=269034&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221eb5084a9aaf48%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22274abac005615c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22269034%22%2C%22sid%22%3A%225%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22386eb303220aef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22269035%22%2C%22sid%22%3A%226%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224d31e5242bd6ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22269036%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225f4438d436d8bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22269037%22%2C%22sid%22%3A%228%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1bdab2f84a5631889cd1b54550dc1330b94bcd7f87a75f167c0be2513d291a28

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:28 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.138.194.163], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.businesstoday.in
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 11 Apr 2022 16:49:28 GMT
prebid
ib.adnxs.com/ut/v3/
41 KB
11 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9ca9dc428aa0ce134c2cdbbfe58fae1ef7c4468aa8f0d8fab99040327f8f7e20
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Apr 2022 16:49:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4206f604-6d22-4f34-bf36-307a13ccfb2a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.businesstoday.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
727 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11350&site_id=30248&zone_id=903608%3B903610%3B903612%3B903614&size_id=2%3B15%3B10%3B2&eid_pubcid.org=13f29037-cbd0-4b43-a699-60782441ba90%5E1&rf=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&tg_i.pbadslot=1007232%2FBusinesstoday_ROS_DesktopMasthead_728x90%3B1007232%2FBusinesstoday_ROS_Desktop_300x250_ATF%3B1007232%2FBusinesstoday_ROS_Desktop_300x600_BTF%3B1007232%2FBusinesstoday_ROS_Desktop_728x90_BTF&tg_i.dfp_ad_unit_code=1007232%2FBusinesstoday_ROS_DesktopMasthead_728x90%3B1007232%2FBusinesstoday_ROS_Desktop_300x250_ATF%3B1007232%2FBusinesstoday_ROS_Desktop_300x600_BTF%3B1007232%2FBusinesstoday_ROS_Desktop_728x90_BTF&tk_flint=pbjs_lite_v4.25.0&x_source.tid=671b8145-5801-4c90-8a45-a87115b550bd%3Bbda69570-f535-404d-957e-ff5bb20150bd%3Be1d6c23a-6832-4df5-b9ef-3aa628cef9b0%3B334c24c4-2682-42db-a193-3acd9cd5e458&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=4&rand=0.2831150683272623
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
104f0957b57cd033c5c25d405e9113a5e98639bbe0a38005046bffe2e05697af

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:28 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.businesstoday.in
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
727
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
9 KB
4 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a19ee49da54bcc183d7900b2acf1f89ee6e34d4bd5fc66711fdf3716743e9377

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.businesstoday.in
date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
translator
hbopenbid.pubmatic.com/
0
120 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.businesstoday.in
date
Mon, 11 Apr 2022 16:49:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.businesstoday.in
date
Mon, 11 Apr 2022 16:49:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B6A9
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 16:49:28 GMT
generate_204
www.youtube.com/ Frame B6A9
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?9wYjqA
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dp-growth.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
328 B
548 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/dp-growth.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
37d00d91a4f6919526eea7dda97facfbbf369b541d5983e5958b473398f96922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
last-modified
Fri, 11 Jun 2021 07:25:45 GMT
server
Akamai Image Manager
etag
"ff9d3718f65b4a12cba507245c9f72ea"
access-control-allow-methods
GET,POST,PUT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
328
expires
Tue, 12 Apr 2022 04:49:28 GMT
jobs-growth.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
524 B
745 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/jobs-growth.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1738140ec0500314c72c33f8374b1f91f742504ceae31971fe1691f5b1dbf2bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
last-modified
Fri, 11 Jun 2021 07:19:43 GMT
server
Akamai Image Manager
etag
"938b5f477aa6e6fbb3aedbc1d6dcc2f0"
access-control-allow-methods
GET,POST,PUT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
524
expires
Tue, 12 Apr 2022 04:49:28 GMT
unemployment.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
509 B
729 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/unemployment.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c7c196d15238cb625027716c612d34bd5c3c4347479452579b5b450b8107508b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
last-modified
Fri, 11 Jun 2021 10:44:54 GMT
server
Akamai Image Manager
etag
"92ed0d278d35c0e9b98eec650b65e926"
access-control-allow-methods
GET,POST,PUT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
509
expires
Tue, 12 Apr 2022 04:49:28 GMT
inflation.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
633 B
883 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/inflation.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1a123f05789044051604900c7b3a111e2d4725fb1e5483bdb40a2ccc3d2143d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
x-check-cacheable
YES
x-serial
1588
etag
"09e3e4a9e563e60413e06abed119f730"
access-control-allow-methods
GET,POST,PUT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
last-modified
Fri, 11 Jun 2021 10:44:53 GMT
content-length
633
server
Akamai Image Manager
expires
Tue, 12 Apr 2022 04:49:28 GMT
cover-17-april-1.jpg
akm-img-a-in.tosshub.com/businesstoday/resources/
12 KB
12 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resources/cover-17-april-1.jpg
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
905458c959451dd54e97f28e9dd448fbda086b2f5ed73f8c4879cb5a82421dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
x-check-cacheable
YES
x-serial
1709
etag
"da327fe7fb4d35960e75864f7beb65a3"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 01 Apr 2022 06:14:24 GMT
content-length
12236
server
Akamai Image Manager
expires
Tue, 12 Apr 2022 04:49:28 GMT
default.png
akm-img-a-in.tosshub.com/businesstoday/resource/img/
210 B
431 B
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/resource/img/default.png?size=98:55
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c048d74f23f7e531f204350fbf735d4cead36cf206e12a1f3ded35304cc3744d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
last-modified
Tue, 31 Aug 2021 13:47:30 GMT
server
Akamai Image Manager
etag
"166ed98c1cc913a834e7be84fded4339"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
210
expires
Wed, 04 May 2022 13:56:55 GMT
4822.json
script.crazyegg.com/pages/sampling-data-scripts/0022/
1 KB
454 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0022/4822.json?t=458248
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13bf9293566f9c82a0f2c4e1f2b7a7dda6ef0206962b7da05da66cfd0508729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
41024
ce-version
11.1.403
content-length
359
timing-allow-origin
*
last-modified
Mon, 11 Apr 2022 05:25:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6fa53738fe370f66-MXP
cast_sender.js
www.gstatic.com/eureka/clank/100/ Frame B6A9
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/100/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 10:54:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15463
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 16:04:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 12 Apr 2022 10:54:13 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B6A9
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcce9599b3809b567c5802c3a73491a9842e41e50431fc22b115261c9f960ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
uber-sixteen_nine.png
akm-img-a-in.tosshub.com/businesstoday/images/story/202204/
852 B
1 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/images/story/202204/uber-sixteen_nine.png?size=98:55
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f4c141a094f0ad452e7da9220d887d4ba758cf2e88ff01332711c2801bf8ba9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
x-check-cacheable
YES
x-serial
810
etag
"1b8991d56370a3f0a3ce5b42ca2a3611"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 11 Apr 2022 16:17:23 GMT
content-length
852
server
Akamai Image Manager
expires
Tue, 12 Apr 2022 04:49:28 GMT
modi-biden1200-sixteen_nine.jpg
akm-img-a-in.tosshub.com/businesstoday/images/story/202204/
2 KB
2 KB
Image
General
Full URL
https://akm-img-a-in.tosshub.com/businesstoday/images/story/202204/modi-biden1200-sixteen_nine.jpg?size=98:55
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:580::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c59c2b0a178da329a10eeb7ea71656437ce251655d9e6da72e36ec2051814aea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:28 GMT
last-modified
Mon, 11 Apr 2022 16:17:25 GMT
server
Akamai Image Manager
etag
"5b02429fa694bf003a315766caad94a1"
access-control-allow-methods
GET,POST,PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
content-length
1572
expires
Tue, 12 Apr 2022 04:49:28 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 11 Apr 2022 16:49:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
healthcheck
pagestates-tracking.crazyegg.com/
19 B
417 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:52:43 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
9601006
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
nJX97tY6gsQXYd6WXXbGgbAwVm3r_1ptOQI1SeK_tyLb2p5WGotzdg==
healthcheck
assets-tracking.crazyegg.com/
19 B
419 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:24:28 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
9602701
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
MurcjT71XYp3SZj2MzK85ERp2CLPQNPIKCWI5MzveS8_hsHBfYhE9A==
a85035fb-29b7-4d30-90c3-1d4ac7f02076
https://www.businesstoday.in/
53 B
0
Other
General
Full URL
blob:https://www.businesstoday.in/a85035fb-29b7-4d30-90c3-1d4ac7f02076
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
clock
tracking.crazyegg.com/
29 B
136 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1649695770093
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.91.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-91-70.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
7e5695c2105ad7a70e127b7912b47b64bc4550e63d4023390f5c028b9a0d1595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Apr 2022 16:49:28 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
ixmatch.html
js-sec.indexww.com/um/ Frame 0C34
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Apr 2022 16:49:29 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A164
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Apr 2022 16:49:29 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3403
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=98358
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 16:49:29 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Tue, 12 Apr 2022 20:08:47 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C73A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.156.240 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-156-240.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 11 Apr 2022 16:49:29 GMT
ETag
"623de86a-cf34"
Expires
Tue, 12 Apr 2022 16:49:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3403
0
0

usync.js
eus.rubiconproject.com/ Frame A164
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
423084fc341ce4272730c0f54b954c269c0bb38fd8269857d2a6ccddb039e8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32479
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Tue, 12 Apr 2022 01:50:48 GMT
async_usersync
ib.adnxs.com/ Frame C73A
0
746 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5fc8e979-c8b5-4750-a166-9151d9f5207a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 33CA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1d4b8a571591a7fb23ac2dc9a3252192d25de323a5dfe5c56d67e4447910c6e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1594
Content-Type
text/html
Date
Mon, 11 Apr 2022 16:49:29 GMT
Dropped-Udsids
241|39|230|45|3|5|41|8
Expires
Mon, 11 Apr 2022 16:49:29 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
351
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Apr 2022 16:49:29 GMT
Expires
Mon, 11 Apr 2022 16:49:29 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
rubicon
match.adsrvr.org/track/cmf/ Frame A164
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A164
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDExMmFlODQwMjk1YTUxN2Y0ODdjZGU4NzY4Nzc5ZjJhMzMwYWQ0MQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDExMmFlODQwMjk1YTUxN2Y0ODdjZGU4NzY4Nzc5ZjJhMzMwYWQ0MQ
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDExMmFlODQwMjk1YTUxN2Y0ODdjZGU4NzY4Nzc5ZjJhMzMwYWQ0MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A164
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7cd-5IxHQCCZfTiPpvSGeA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7cd-5IxHQCCZfTiPpvSGeA
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7cd-5IxHQCCZfTiPpvSGeA
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TME3S60QA6BMJDN0WHRR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7cd-5IxHQCCZfTiPpvSGeA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame A164
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UY9LJC-P-IQXH&sigv=1&esig=2~00074e30b565d94d4a69c39bfb98a60e3f5ade55
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UY9LJC-P-IQXH&sigv=1&esig=2~00074e30b565d94d4a69c39bfb98a60e3f5ade55
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:29 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1UY9LJC-P-IQXH&sigv=1&esig=2~00074e30b565d94d4a69c39bfb98a60e3f5ade55
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A164
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVWTlMSkMtUC1JUVhI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVWTlMSkMtUC1JUVhI
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFVWTlMSkMtUC1JUVhI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A164
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EASN7cXoq112mJbPM0yjHg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=545040011050497949
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=545040011050497949
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Mon, 11 Apr 2022 16:49:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=545040011050497949
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame A164
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2pDfl-27RCyLiP7LIHkVUg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2pDfl-27RCyLiP7LIHkVUg
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2pDfl-27RCyLiP7LIHkVUg
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NT3H86Y6GBD3GEX9H3D6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2pDfl-27RCyLiP7LIHkVUg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A164
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgIFMuC7e1QF1LdhAWiqEc&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgIFMuC7e1QF1LdhAWiqEc&google_cver=1
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAgIFMuC7e1QF1LdhAWiqEc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.businesstoday.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.businesstoday.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
502 KB
127 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=242619153397598&correlator=3665775675335000&eid=31067008%2C44755509&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=1007232%2CBusinesstoday_ROS_DesktopMasthead_728x90%2CBusinesstoday_ROS_Desktop_300x250_ATF%2CBusinesstoday_ROS_Desktop_300x100%2CBusinesstoday_ROS_Desktop_300x600_BTF%2CBusinesstoday_ROS_Desktop_728x90_BTF%2CBusinesstoday_ROS_Desktop_Innovation_1x1%2CBusinesstoday_Desktop_Teads_1x1%2CBusinesstoday_ROS_Desktop_Richmedia_1x1%2CBusinesstoday_ROS_Desktop_300x250_MTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x100%2C300x600%2C728x90%2C1x1%2C1x1%2C1x1%2C300x250%7C336x280%2C300x250%7C336x280&ifi=1&adks=2437962569%2C2880820799%2C2511109409%2C3558109518%2C1833231906%2C1635727927%2C2102534908%2C3936168117%2C1592344709%2C1592344708&sfv=1-0-38&ecs=20220411&fsapi=false&prev_scp=%7Cpwtsid_appnexus%3D26c9eed2fa56e1%26pwtbst_appnexus%3D0%26pwtecp_appnexus%3D0.00%26pwtsz_appnexus%3D300x250%7C%7Cpwtsid_appnexus%3D27f6d913f0ed873%26pwtbst_appnexus%3D0%26pwtecp_appnexus%3D0.00%26pwtsz_appnexus%3D300x600%7Cpwtsid_appnexus%3D28ec296baf01fc8%26pwtbst_appnexus%3D1%26pwtecp_appnexus%3D0.09%26pwtsz_appnexus%3D728x90%26pwtsid%3D28ec296baf01fc8%26pwtbst%3D1%26pwtecp%3D0.09%26pwtpid%3Dappnexus%26pwtpubid%3D156066%26pwtprofid%3D550%26pwtverid%3D26%26pwtsz%3D728x90%26pwtplt%3Ddisplay%7C%7C%7C%7Cpwtsid_pubmatic%3D29388f5f5eb9536%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7C&cust_params=category%3Dtechnology%252Cstory%252C328668%252CAajtak_story_loop_1%26keywords%3Dmalware%252Cprocess%2520manager%2520malware%252Crussian%2520hackers%252Crussia%2520cyber%2520security%252Candroid%2520malware&sc=1&cookie_enabled=1&abxe=1&dt=1649695770670&lmt=1649695770&dlt=1649695768777&idt=878&biw=1600&bih=1200&adxs=276%2C1135%2C1135%2C1135%2C286%2C165%2C165%2C0%2C480%2C480&adys=529%2C358%2C628%2C2676%2C3750%2C3729%2C1574%2C0%2C1870%2C2430&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&frm=20&vis=1&scr_x=0&scr_y=0&psz=730x-1%7C300x250%7C300x100%7C300x2298%7C970x90%7C950x111%7C950x1%7C1600x4221%7C950x2225%7C950x2225&msz=730x-1%7C300x0%7C300x0%7C300x0%7C970x0%7C1x-1%7C1x-1%7C1600x0%7C320x250%7C320x250&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=713257619.1649695769&ga_sid=1649695771&ga_hid=1311914944&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C0%7C5%7C6&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b4662dc3640227f50e5c2bae4f5b6d8fffc788f4a10799c60f5a8b5e9cfb6939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130413
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,5919489518,-2,-2,-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,138380869665,-2,-2,-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.businesstoday.in
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 783C
6 KB
4 KB
Document
General
Full URL
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 16:49:29 GMT
expires
Tue, 11 Apr 2023 16:49:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 33CA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KZBKXW2GN8SCFTP56N38
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8ANDF7E9NAV2SZ9EQ27T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlRcGYxuwX0nuaICePq77AAABFYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 33CA
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 33CA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlRcGYxuwX0nuaICePq77AAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 33CA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlRcGYxuwX0nuaICePq77AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHerI2DKFYLPIZbK-UQXaSA&google_cver=1&gdpr=1
43 B
1000 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHerI2DKFYLPIZbK-UQXaSA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 11 Apr 2022 16:49:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHerI2DKFYLPIZbK-UQXaSA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 33CA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95f06254-5c19-4900-bbc0-e258daeeafd7&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95f06254-5c19-4900-bbc0-e258daeeafd7&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 11 Apr 2022 16:49:29 GMT

Redirect headers

Date
Mon, 11 Apr 2022 16:49:29 GMT
Server
MT3 4320 2f2dfe5 master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95f06254-5c19-4900-bbc0-e258daeeafd7&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 11 Apr 2022 16:49:28 GMT
ix
ad4m.at/ad/sim/ Frame 33CA
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

bridge
cm.adgrx.com/ Frame 33CA
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.52.31.49 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
sjc-delivery-8.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
sjc-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 33CA
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb4a333f-d62d-4c2d-a76b-2cc6a251c93e&expiration=1681231769
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb4a333f-d62d-4c2d-a76b-2cc6a251c93e&expiration=1681231769
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 11 Apr 2022 16:49:29 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bb4a333f-d62d-4c2d-a76b-2cc6a251c93e&expiration=1681231769
date
Mon, 11 Apr 2022 16:49:29 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 33CA
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YlRcGYxuwX0nuaICePq77AAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.businesstoday.in%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:29 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2279
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 11 Apr 2022 17:27:28 GMT
607.json
id5-sync.com/g/v2/
213 B
538 B
XHR
General
Full URL
https://id5-sync.com/g/v2/607.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
p12.id5-sync.com
Software
/
Resource Hash
ce553c8c06c6bcd38430f34669788440eb98730f24d5df50e31b34f2d96d9611
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.businesstoday.in
Date
Mon, 11 Apr 2022 16:49:29 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
63 B
341 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
62270576c6d854faa40d80c69add9e452c451bab9d0f6144c7f79815b029dcce

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache
x-server
10.45.4.63
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/
109 B
546 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
50c4ec9289ae615e71908846d3164caf8bc16c61a22fe59a819e464a6100c193

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Apr 2022 16:49:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.businesstoday.in
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 11 May 2022 16:49:30 GMT
async_usersync
ib.adnxs.com/ Frame C73A
0
746 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:30 GMT
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
355afb8d-0ce5-42f2-944f-c637148e0051
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E843
6 KB
3 KB
Document
General
Full URL
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 16:49:29 GMT
expires
Tue, 11 Apr 2023 16:49:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 2567
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2567
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2567
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2567
74 KB
17 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
603544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17308
x-xss-protection
0
server
sffe
date
Mon, 04 Apr 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9e7f38e1fe946943"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 04 Apr 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2567
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2567
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
truncated
/ Frame 2567
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1018169cd7cb8287fbdbb5cbbbf77bf0f7cc585d33a7c22793f052f1d739435

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ACF8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOvBBoRdKP77CAZWhODiEfcC90elRx1QrAwQ371JxFRNSE7BhO1Hd7Gp0bDJCqfd5h-EAeOJZUdemh8mtHs32qMGSImy2bLaqcGxxOhUTdTnS_wPX8PDang2PF-rqQJDlXQGWhT1JwCPX_epTt67C0NI5z8VV3PWX948h2fymjdQ8ZPlc-9f8db2CvLK8tZRYTWrc9YEiX5CM19W8_B29r6LXxmgCrTEfLulyCxiozT3yuqMXU9-PaKRTYY0vP_tZfVBS0nMGVghXF5c9gbISjNjrzUdgC7p6ANs2ZT_9rSLzQ_bp_zjMXHqdLS2DX59HYG0ZLNo8KlcQ2AI86pQpniBrWnA&sig=Cg0ArKJSzF0POiparxeLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
9odysa1gd1m7
hal9000.redintelligence.net/zone/ Frame ACF8
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/9odysa1gd1m7?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=5122599489756562231&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
df277dd293d42b5baf4d4632f0535e82d62988c738faf9ed83e404e539a4a833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:30 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
sync.mathtag.com/sync/ Frame ACF8
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRVeVpUZGpNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI1OTk0ODk3NTY1NjIyMzEvNjYyMjQwMS80NTYyMzEyLzEzL1BlbX...
  • https://sync.mathtag.com/sync/img?sync=auto&source=bidder&mt_lim=1&type=1,2
43 B
430 B
Image
General
Full URL
https://sync.mathtag.com/sync/img?sync=auto&source=bidder&mt_lim=1&type=1,2
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
216.200.232.249 Monrovia, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4320 2f2dfe5 master ord-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
Server
MT3 4320 2f2dfe5 master ord-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 11 Apr 2022 16:49:30 GMT

Redirect headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
x-mm-bid-request-time
1649695768
Last-Modified
Mon, 11 Apr 2022 16:49:28 GMT
Server
MMBD/3.307.0
x-mm-latency
146 (0)
Content-Type
text/html; charset=utf-8
Location
https://sync.mathtag.com/sync/img?sync=auto&source=bidder&mt_lim=1&type=1,2
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
pao-router-x76, cdg-bidder-x184
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
75
Expires
Mon, 11 Apr 2022 16:49:30 GMT
img
pixel.mathtag.com/event/ Frame ACF8
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=5122599489756562231&v3=651871&v4=4562312&v5=6622401&mt_nsync=1&no_attr=1
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-254.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master cdg-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
Server
MT3 4335 2c68c00 master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 11 Apr 2022 16:49:30 GMT
img
tags.mathtag.com/event/ Frame ACF8
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=5122599489756562231&st=4562312&time=[IMP_ATTR.time]&nodeid=3148
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.307.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
Server
MMBD/3.307.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x43, cdg-bidder-x184
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 11 Apr 2022 16:49:30 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame ACF8
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.156.240 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-156-240.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Tue, 11 Apr 2023 16:49:30 GMT
it
ams1-ib.adnxs.com/ Frame ACF8
0
818 B
Image
General
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.businesstoday.in%252Ftechnology%252Fstory%252Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%253Futm_source%253Drssfeed&e=wqT_3QLoC-joBQAAAwDWAAUBCJi40ZIGENmek9n1yuuoTxgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAA4HoUEEAh-g0SACkRJMgxAAAAANej0D8w9POrBjj0SUAdSAhQ19qohgFYhfVcYABogs92ePq-A4ABAYoBA1VTRJIFBvBpmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBKUJ1c2luZXNzdG9kYXlfUk9TX0Rlc2t0b3BfNzI4eDkwX0JURl9Ed2Vi2AIA4ALck0jqAp4BaHR0cHM6Ly93d3cuYnVzaRVB9OIBLmluL3RlY2hub2xvZ3kvc3RvcnkveW91ci1hbmRyb2lkLXBob25lLW1heS1iZS1uZXh0LXRhcmdldC1vZi1uZXctbWFsd2FyZS1hc3NvY2lhdGVkLXdpdGgtcnVzc2lhLTMyODY2OC0yMDIyLTA0LTA1P3V0bV9zb3VyY2U9cnNzZmVlZIADAIgDAZADAJgDF6ADAaoDpwYK3gVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRWUlZlVnBVWkdwTlJHZDBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMelV4TWpJMU9UazBPRGszTlRZMU5qSXlNekV2TmpZeU1qUXdNUzgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIZHpSRmswYjJONFQwUkZSVWRKVDNsZldFOTBSSGN2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRrM05EazJOamN2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYEdQ4TXdkMDFFUVhkTVZFRjNUIQQARQUQOjAAEGN2TUM4BXwJCAxVeE1qVvwA2FlXMXpMekF2TVRZd05TODNPQzg1T1Rrdk16SXlMekl4Tnk0eE16Z3VNVGswTGpBdk1DNHdNREEBMPCGME9UWTVOVGMyT0M4eE5qUTVOekE0TXpZNEx6RXpMemswTmpBdi9oel9iQ3p3NlRTektDQjlXUDJkN3d4SkVLWncmbm9kZWlkPTMxNDgmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD01MTIyNTk5NDg5NzU2NTYyMjMxJnNoYXJka2V5PTUxMjI1OTk0Lh0A9DQBcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMyLjM5JnNpZD00NTYyMzEyJmNpZD02NjIyNDAxJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzUxMjI1OTk0ODk3NTY1NjIyMzEaEzU3MTU1NDEwOTIzMjQzOTY4ODkiCTI4MTY4NTMzNSoGMTAxOTM2Ogc2NjIyNDAxwAOsAsgDANgD0sFT4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk0LjE2M6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATX2qiGAYgFAZgFAKAFhKK95f6NpfENwAUAyQUAgeoYAPA_0gUJCQULfAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGASEBMSTQBvmrAdoGFgoQCRIZAXwQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6BwGxTAAYACAAMAA4wgZAAMgH-r4D0gcNFYABHgjaBwYBeUwYAOAHAOoHAggA8AeuzA2KCAIQAA..&s=9e65fe00d9e35dbb55fd98ac683707ca87e8d3a3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:30 GMT
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dfdfc8e1-c8ef-4ced-abcd-f129e7d2d77b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACF8
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 16:49:31 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame C32C
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C32C
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C32C
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C32C
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C32C
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
truncated
/ Frame C32C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3df18d8bcc7c11a845266d71944125dc53006b56b44a3fb5b6b635268ef00822

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame E305
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E305
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E305
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E305
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame E305
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Mon, 11 Apr 2022 12:09:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 11 Apr 2023 12:09:48 GMT
truncated
/ Frame E305
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d869579f5717306aa8f2141ff971cdf8049962eb9b318c9c941b438af6da1fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2567
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2567
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 2567
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQggYwJm-t2iVhZR-xC6w3lwUiCUKWrwalMAMRoaBqdNRAaBaC-WOMbmt_baF3WheEM_KuB
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 2567
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsZuTGVxUYorJF8rE-gaV2YrYCLyOncBoy7T81MUP4_jOjsMvEAEgrPynBWCV4pCCoAegAfjY2KMByAEJqQJvC-bjxkGyPuACAKgDAcgDCKoE5wJP0F4Pripu_rXh6ZGn70rywpFpCZ-No7b-5-Xebgw_nMhUj44Bk32WCMQPjAN0Qbp4SiLX4gtVoU_U4y6ja5PhWuyrc67zvN8zzO3HHC_KKzbFRxP3K6sIrokNrxM1OjEnqVkotx28AZViGFMzJ8Sqm4XvLAwJMPoD1IuvvQ-EJX1KWWH9AOD28m9md67947evsOMl-pG1Hbpu84sMYmV6OG3JG9-k065QAoyRjbUYmkxfPVagoxqy1UB6wZndqnAI2h_3o2pHGAR-sar0Yk4ki0fXxfaem423QLF4y1JZmHWwkvCkR4phHwQgqUsbxnw4_S8TwKvZt4Xl-hp5_9bS1bplfVPk06jYgG4lA4q2oUNf_Pzrmwo4b6RN_Cfbax57ajcaz1jpF8-AECwDhb9yh8Dc16Iz2o0HZ_WeEnSghCMFywH18DByp8QgBAiWPRc6448c3v0FfA_upElxt0AKEAfL4ToC3sAE14mkgPwD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_Cmp9wCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsPQT0ggJCIDhgHAQARgdgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTM3OTM3MjA1MzQ1NzM0NzIY0PcF&sigh=X7REdITxJ6U&uach_m=[UACH]&template_id=419
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

truncated
/ Frame 2567
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1760708344a04220b5d0242c03f3dd26d57fda79aef73150511613a53001ca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 2567
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd65a5c92613b1a231f11a30003b9f924ecdfff113905a7dc9de99db6c595f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/jpeg
wt
t.pubmatic.com/
17 B
17 B
Image
General
Full URL
https://t.pubmatic.com/wt?pubid=156066&purl=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&tst=1649695772&iid=de32c320-a850-4877-8fe5-2b1e723b37ad-einnu&bidid=28ec296baf01fc8&pid=550&pdvid=26&slot=div-gpt-ad-1506670791889-4&pn=appnexus&en=0.09&eg=0.09&kgpv=%2F1007232%2FBusinesstoday_ROS_Desktop_728x90_BTF%40728x90&piid=
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
15452531880439868668
tpc.googlesyndication.com/simgad/ Frame C32C
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15452531880439868668?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qke4WElfBQtMMFzgqE_CGPCIyvNhg
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa781059f6768a3d3c986ae32f921f3eed9320451c91ee20ebb9effd6a15b42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:17:03 GMT
x-content-type-options
nosniff
age
1947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41107
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 20:40:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 16:17:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C32C
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C32C
295 B
399 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame C32C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTmyC_zCqLxCeXDY9zaQ0-O-PEnSyYG5icvqfZcS2W-CA-lew-SasrS5IqZi_GWwofH4fu
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame C32C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca3UzGVxUYq7OF8rE-gaV2YrYCIOIyMRp4-DE-NoPp8Kj5PAmEAEg-MjJIGCV4pCCoAegAffR3sMDyAEC4AIAqAMByAMIqgTjAk_Q_qTRmc6mGw7BWsifaNBuqnWJotTFyWTJRZCrudtstNQT6lR6vLfgW0-WEHrnFZxwQplMRai0g4DwJ8DSDR2kZ8pUpZGZIkVzujv4PPyeDvLSNoTHdqN3MFW9FXN1AUkMuprDrTUd-sYS1DpNjgO-0SSeL8RkQFocmGejshAokvDrwPHzGNqwqaUmAkYoUJbXBMeqRl5FDYSRNUaIAhaXL1y8fO2qlAui0ewKkXXTYjaB3Whj0AYXEJk75WgJS8xeD63i0C6d-29AjWbXYHrchiuoxpn8XmbWqdrwiwvyDGhEgcnJHJEdnmwfjitVX4MBKNwBcRIfG0NQEhtym2XpCA1dIChAnpl_j8UbTDQlDGlgbyE12M5KgBjbyW31G5W8BjI3ovzv8Rdr8mgBJthkz2Z4eQNvdsDPmvc8ZeBAItvwqcozLaMabLr4EgP-0Asv8vmtM7qMDpuEUu_FsP7zSCLABKGQ7tncA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfxraE8qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3sMX0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTM2MjIxMzYwOTg3OTQwNDAY0PcF&sigh=itLRKVaBRME&uach_m=[UACH]
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

15452531880439868668
tpc.googlesyndication.com/simgad/ Frame E305
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15452531880439868668?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qke4WElfBQtMMFzgqE_CGPCIyvNhg
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa781059f6768a3d3c986ae32f921f3eed9320451c91ee20ebb9effd6a15b42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:17:03 GMT
x-content-type-options
nosniff
age
1947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41107
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 20:40:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 16:17:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E305
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E305
295 B
353 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame E305
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmWo09nx8edwS6Bgc5tPaBguDTTLbjow3c9mEFLfuXEwI0WroW_5g-ABWEUyciXY0K0X4P
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame E305
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_VFSGVxUYsDPF8rE-gaV2YrYCIOIyMRp4-DE-NoPp8Kj5PAmEAEg-MjJIGCV4pCCoAegAffR3sMDyAEC4AIAqAMByAMIqgTjAk_QA6AKE-exCtm0MtTIYx7Uo0C7fjMPfyXdMJA8KQMUBwUOa5oSuO4CiNOnjw3jUdTnHaUETpIEFfSUM42mXvbg2PLPyD22IAPPiI8qq0cdaEK7RxRT8EIuj8lfjHb5yGizUeLNc06shXZfFwDl8Ji7zM-xTnM7JtOMeME85l40ruhv0ukOWVZg31hvXCXv-e2FwBg9DyXvUO1F6pn6pYsdfUntFu1VeDiz9Ak52UJcvumGsGHdj2wQrNL55su9dEFtX64RWl66BbzA9lDiBzk2ARGuwqfX_uDQn-wqKHzx-iF1wRbk3l4SpZRwrpMQSuX4WjFM1eH2SvwoyQU7U9TGkLfCUfTnJtGy5TSgUkt_3SQ1lSPBlEa7wyCHVfP_8VXpIuKgTNsHIlcEyAVhrQ3z-FUO_plGjXo2ozkf89-WepEDavbrHQOQ9PFlvYNDRuA67dNKy3tN6JF-ya3lGJqVEJXABKGQ7tncA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfxraE8qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrpgb0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTM2MjIxMzYwOTg3OTQwNDAY0PcF&sigh=VlZKj2NWiQE&uach_m=[UACH]
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

log_event
www.youtube.com/youtubei/v1/ Frame B6A9
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/fyOb7dDQiuY
X-YouTube-Client-Version
1.20220406.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtGbGl5RldyZ0MwdyiXuNGSBg%3D%3D
X-YouTube-Ad-Signals
dt=1649695769095&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C950%2C564&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 11 Apr 2022 16:49:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 11 Apr 2022 16:49:30 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9CF4
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjunu3BATAB&v=APEucNXFunX_SKJXoyGphGeZ9XikA4dqD5wb7uYY_xBnw6-pLE-s0FcSZ_cHtwLdYXO_PGUuhw4jJN6ulKEhf_3VD6NusEK6cw
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 16:49:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame E843
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 16:33:28 GMT
4246319668733505871
s0.2mdn.net/simgad/ Frame E843
32 KB
33 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/4246319668733505871
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44a6a315ed1bbdcc19939f3183fb7a2f7f83c16cefcc903185284d849f7ffcfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 08:18:34 GMT
x-content-type-options
nosniff
age
549056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33255
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:04:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Apr 2023 08:18:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame E843
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1509
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 16:24:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E843
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYVVZPVtya0_oXfROhJXXDt0Eg6RwEd2mNgFbMDpi3RVts2_lKHNd5laVzG7G-I7hea8AdEmGSPn7OXrhR5dHCvCc5-TajqEY5kNMhOD8FAp3ei2qE_nFOQ2jwrawr04k_9oWfZpxTCGHwvoU8sM_05Kqzi1GHsnBZVYj2W-kfMuRDwtMC4cx5JXszRTMYQwSRcI0KEQEmpLx1Jxw_5rPjYDgdeVgX2mVun2koUuxNHuDxP8YICnmNe3KCSyeBzhu3utGTMSZirpQJN-9rRySAoA7W8yDWmFw2-VZ0Dwy0jf9P9LyXX6ZmUBTEZNUaAeqZoG8TlWoSCw48owhrbJzTsMcLDvILMlRf0WTpdwFj9flhnanaQS6wuRhvMirAj3CKlDhtZkXmt8Wh5rJ9MhqAm9chhImMIkCmo0DcfanaUihrY76f2rmoTDu4L_Wlt6madyLROBc0CWWZF8QGH37GB7grQp1lhxpv-kL0FopRcBXLWJZ_4kFv63_eMM6Dr0pvA_fC9WMv6MhKLat7axrfC68bf0tfpC09Z9-CDbKdml_sbkom610GiU7aenbxMOGnnBCtfbMzRUgf81WP_doDqe25szrMfhKUsmrnyYeoxUGI2aIE7_YfSvRLnTgDiYwsMbTqRuwFapxukjDsu6-rkaZyuqfWSqzlGjuWbw7d2uiHCGU0FQbDH6X_a0Ay4g5N0YIF2ZGMQCNJrgTyi19b1BQvy4subttsIxOAP0dt46AdaFXkl3lrBnb0Avl3k4Sd7leNO4U2M0ABYhiLnz3Ki0NhC-T5DuxVhya1wwN08536gudrk_8snf6SoSKdZglQhX7W1-V7KtX7TrUPfUgLMSMTycHKjQesvSMdgE4IH2kspeKomErrfrcnKDOs3l65mdHRu4hwidGoWju3BfMGQD_sqOHVvtMAYGSJipqDiQED0LWeMxWa4Diowc5qWyamPlyMLnbjcqIkTXZ6-WahwKJiKIFiwRxP8KBWYRKogMpmTr0GJZ5KLE_uOXHMEzlU1kwzlFMyicgfzCnS5DHYsur7U-A_pDaJOmACZu8_pW5BBg81WBXDf3c5-iHHwWqFtCMfzFfzaFDgd519xrYE8iIpXpKq-EZBr6fV1k9Cboza8VyRkAACMjO-nefwo8cCH8kdwRuV4VZeQdg0Xsc-1Z8JKRX0MlMKLV12_c-jLOhK2K8NDfhY_mjAFeD3ad6yrt3t&sai=AMfl-YR5zE2UKfsweHPh9x3X0lMMP5ZoJLAtACRbEoIjUPE43SjoVq6yDuJrXu3gtzJSxHWFHHRTeyJKBOhoAr9eJO0q5cU8u1IgwyVoSMOYAJlIGQ1pV00mRo_wXAuY_75LqDSNb5YYo11lhToEdk3ihD6zrHDl_nEMqIIRvzLjdSA6kiVZa7KI6q66Lga2hFbsoM6faIcIziflv2IMk5ZajP_-LVjkVZj0lfGDs1nlSNo6qngY6Zl7Qv8UcqM5ReXYwj7Y7WOPFawMYHjv1B6Odn-Ktv7AoZVVM6drWcy7rprx&sig=Cg0ArKJSzJZCoKHk9L09EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220406.58007&adurl=
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 11 Apr 2022 16:49:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E843
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Apr 2023 08:13:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E843
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCKAt25T4OkTFEyCJw0iZHNEj1B5MSu0EzCUloMnLQr7cgiOZ_H0_dVu551pPBlI8rugKzmGpcns35TUk-ojlvhY9nWRtKeBdpusDESpZ1LRtsOG8
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame E843
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 16:47:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E843
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 16:49:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame E843
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
623
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 16:39:07 GMT
l
www.google.com/ads/measurement/ Frame E843
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcy7kOxcf8WeVKvl-eGhXP63Q7dcFZQsU1ZujGZZlg9WBfpG-twIZBUE9XMY_qGTv6qgHe
Requested by
Host: a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
URL: https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

request.php
hal90008.redintelligence.net/ Frame ACF8
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB
Script
General
Full URL
https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ancestorOrigins=https%3A%2F%2Fwww.businesstoday.in&random=6951195661420&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7507d83f8747bc17511083a8242e88fb182c95c038a47f025e67a89a7c2bcffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
96921400142175700951421011926008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
893
Expires
Mon, 11 Apr 2022 17:49:31 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:31 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ancestorOrigins=https%3A%2F%2Fwww.businesstoday.in&random=6951195661420&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 11 Apr 2022 17:49:31 +0200
si
googleads.g.doubleclick.net/pagead/drt/ Frame E305
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 11 Apr 2022 16:49:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C32C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 11 Apr 2022 16:49:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
15452531880439868668
tpc.googlesyndication.com/simgad/ Frame C32C
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15452531880439868668?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qke4WElfBQtMMFzgqE_CGPCIyvNhg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa781059f6768a3d3c986ae32f921f3eed9320451c91ee20ebb9effd6a15b42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:17:03 GMT
x-content-type-options
nosniff
age
1947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41107
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 20:40:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 16:17:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C32C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C32C
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:53:05 GMT
15452531880439868668
tpc.googlesyndication.com/simgad/ Frame E305
40 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15452531880439868668?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qke4WElfBQtMMFzgqE_CGPCIyvNhg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa781059f6768a3d3c986ae32f921f3eed9320451c91ee20ebb9effd6a15b42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 16:17:03 GMT
x-content-type-options
nosniff
age
1947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41107
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 20:40:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Apr 2023 16:17:03 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E305
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E305
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:53:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E843
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYVVZPVtya0_oXfROhJXXDt0Eg6RwEd2mNgFbMDpi3RVts2_lKHNd5laVzG7G-I7hea8AdEmGSPn7OXrhR5dHCvCc5-TajqEY5kNMhOD8FAp3ei2qE_nFOQ2jwrawr04k_9oWfZpxTCGHwvoU8sM_05Kqzi1GHsnBZVYj2W-kfMuRDwtMC4cx5JXszRTMYQwSRcI0KEQEmpLx1Jxw_5rPjYDgdeVgX2mVun2koUuxNHuDxP8YICnmNe3KCSyeBzhu3utGTMSZirpQJN-9rRySAoA7W8yDWmFw2-VZ0Dwy0jf9P9LyXX6ZmUBTEZNUaAeqZoG8TlWoSCw48owhrbJzTsMcLDvILMlRf0WTpdwFj9flhnanaQS6wuRhvMirAj3CKlDhtZkXmt8Wh5rJ9MhqAm9chhImMIkCmo0DcfanaUihrY76f2rmoTDu4L_Wlt6madyLROBc0CWWZF8QGH37GB7grQp1lhxpv-kL0FopRcBXLWJZ_4kFv63_eMM6Dr0pvA_fC9WMv6MhKLat7axrfC68bf0tfpC09Z9-CDbKdml_sbkom610GiU7aenbxMOGnnBCtfbMzRUgf81WP_doDqe25szrMfhKUsmrnyYeoxUGI2aIE7_YfSvRLnTgDiYwsMbTqRuwFapxukjDsu6-rkaZyuqfWSqzlGjuWbw7d2uiHCGU0FQbDH6X_a0Ay4g5N0YIF2ZGMQCNJrgTyi19b1BQvy4subttsIxOAP0dt46AdaFXkl3lrBnb0Avl3k4Sd7leNO4U2M0ABYhiLnz3Ki0NhC-T5DuxVhya1wwN08536gudrk_8snf6SoSKdZglQhX7W1-V7KtX7TrUPfUgLMSMTycHKjQesvSMdgE4IH2kspeKomErrfrcnKDOs3l65mdHRu4hwidGoWju3BfMGQD_sqOHVvtMAYGSJipqDiQED0LWeMxWa4Diowc5qWyamPlyMLnbjcqIkTXZ6-WahwKJiKIFiwRxP8KBWYRKogMpmTr0GJZ5KLE_uOXHMEzlU1kwzlFMyicgfzCnS5DHYsur7U-A_pDaJOmACZu8_pW5BBg81WBXDf3c5-iHHwWqFtCMfzFfzaFDgd519xrYE8iIpXpKq-EZBr6fV1k9Cboza8VyRkAACMjO-nefwo8cCH8kdwRuV4VZeQdg0Xsc-1Z8JKRX0MlMKLV12_c-jLOhK2K8NDfhY_mjAFeD3ad6yrt3t&sai=AMfl-YR5zE2UKfsweHPh9x3X0lMMP5ZoJLAtACRbEoIjUPE43SjoVq6yDuJrXu3gtzJSxHWFHHRTeyJKBOhoAr9eJO0q5cU8u1IgwyVoSMOYAJlIGQ1pV00mRo_wXAuY_75LqDSNb5YYo11lhToEdk3ihD6zrHDl_nEMqIIRvzLjdSA6kiVZa7KI6q66Lga2hFbsoM6faIcIziflv2IMk5ZajP_-LVjkVZj0lfGDs1nlSNo6qngY6Zl7Qv8UcqM5ReXYwj7Y7WOPFawMYHjv1B6Odn-Ktv7AoZVVM6drWcy7rprx&sig=Cg0ArKJSzJZCoKHk9L09EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&vt=11&dtpt=174&dett=2&cstd=0&cisv=r20220406.58007&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 26E2
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 08:13:03 GMT
expires
Tue, 11 Apr 2023 08:13:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js
pagead2.googlesyndication.com/bg/ Frame 26E2
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
8554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13808
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 14:26:57 GMT
activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117
8019191.fls.doubleclick.net/ Frame 394E
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117?
391 B
346 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117?
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
fc87853f85b8d74768aee6a2803bc66caa46001443b62faab08c0843fdc3a00b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
323
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 16:49:31 GMT
expires
Mon, 11 Apr 2022 16:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 16:49:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90008.redintelligence.net/ Frame DEC1
7 KB
3 KB
Document
General
Full URL
https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=6999a46793&subid=&uid=18183f2d9d68bfb8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5122599489756562231%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&ancestorOrigins=https%3A%2F%2Fwww.businesstoday.in&random=6951195661420&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e1900630ba388f24e8684e1471fa09e3485ced52ee6e300e34fc071a1facce4b

Request headers

Referer
https://www.businesstoday.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2296
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Apr 2022 16:49:31 GMT
Expires
Mon, 11 Apr 2022 17:49:31 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
rd_log
ams1-ib.adnxs.com/ Frame ACF8
0
818 B
Script
General
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&e=wqT_3QLIDejIBgAAAwDWAAUBCJi40ZIGEPLwto6kiM2NOxgAKjYJ8WjjiLX49D4RwsR6_g8L8D4ZAAAAoHA9GkAhwg0SACkRJNAxAAAAIIXr4T8w8fOrBjj0SUCmBkgCUKblwZMBWIX1XGAAaILPdnj6vgOAAQGKAQNVU0SSAQEG8H2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBKkJ1c2luZXNzdG9kYXlfUk9TX0Rlc2t0b3BfMzAweDI1MF9BVEZfRHdlYooCWHVmKCdhJywgMTgxNTE4NywgMTY0OTY5NTc2OCk7dWYoJ2knLCA1NjY0MTJGHAAwcicsIDMwOTM1OTI3MDYfAPCQkgL1AyF5VmN1a3dpX2xwVVJFS2Jsd1pNQkdBQWdoZlZjTUFRNEFFQUFTS1lHVVBIenF3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJFcWdCQTdBQkFMa0JyNjlLTmJiNDlEN0JBYS12U2pXMi1QUS15UUVBQUFBQUFBRHdQOWtCQUFBQQEPbDhEX2dBWXpKSXZVQnJNVW5ONWdDQUtBQ0FMVUMBIAhBTDAJCPBMTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZOREUyT2VBRGh5NkFCQUNJQkFDUUJBQ1lCQUhCQkEFWgUBCHlRUQUIBQEYTmdFQVBFRQUMBQEgQ0lCY2tncVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeRUoDEFBQU4yKAAAWi4oAPA8NEFVQzhBV2poSVlDLUFXVDVXNkNCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJ2Rm80NGkxLU9RLXFBWUJzZ1lrQx1wAEUdDABHHQwASR0MOHVBWUuaApkBIXBSU3hWZzr5AVhJWDFYQ0FBS0FBeDhXamppTFg0NUQ0NjJFARRVQ0hMa2sB0wBBJQEAMT0gAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0QbEEuLtgCAOAC3JNI6gKeAWh0dHBzOi8vd3d3LmIuMwP0KgEuaW4vdGVjaG5vbG9neS9zdG9yeS95b3VyLWFuZHJvaWQtcGhvbmUtbWF5LWJlLW5leHQtdGFyZ2V0LW9mLW5ldy1tYWx3YXJlLWFzc29jaWF0ZWQtd2l0aC1ydXNzaWEtMzI4NjY4LTIwMjItMDQtMDU_dXRtX3NvdXJjZT1yc3NmZWVk8gIRCgZBRFZfSUQSBzE4MTUxODfyAhEKBkNQR19JRBIHNDI5MzE1NfICEQoFQ1BfSUQSCDM1OTk4NTI38gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCEFEVl9DT0RFEgDyAgwKCENQR19DT0RFEgDyAgsKB0NQX0NPREUSAPICDwoFSU9fSUQSBjU2NjQxMvICCwoHSU9fQ09ERQE9RBMKD0NVU1RPTV9NT0RFTF9JRAEWCBoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4MSUZJRQU-HA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD0sFT4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk0LjE2M6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0MTY52gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvgB2gYWChAAAAAAAAAFFgUBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGgAgAbUswgZAAMgH-r4D0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHrswNiggCEAA.&s=511f2af24446a6ef66f8152f2016ad6d20141289&bdref=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed,https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:31 GMT
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
770ef3d9-c5cb-434b-94ef-3ecd71b7fcc3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame E843
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d300a6e58b0c32c6b1560912ab019fbd929f371c6b30618a024952bac7eb7104

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ACF8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh1Fd8T0o165SswRKElM3wayybpOmsq3uVF_6hr1AbkmrqymaBCHCaYsTNltXUjnbs4xGBJaTT1L476_Js3xZdDUg4DVY8wjEgVHQzIrwHYfyECna4ekE0YVLPVlJyr31gFbbHm3ZSmtpmuPFbHTOBXJ0sKgHm_Y4QAKdY7JBnyKU5fL-GqzTJPbzIQZ4alT0pkelQJu4HQd8HPRhGiZWPrfWG1rkg3bINPZ8WUVURU-Nozv4mf12L8_O2LXauNNYSOSZlBuc0kup8aLHrpuTSdzNMjsvW5Mflukt4loDEK9DGQOTJmjUVf6pDnZ_ireqlxdmt_NpLOAc0kTLkHo-pY79wnsnF&sig=Cg0ArKJSzNGbrCvJ-4ppEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 16:49:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 16:49:31 GMT
truncated
/ Frame ACF8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52fd0f39e6b408309d7455fb1882324ba4609f269640cb3423b2053655b56834

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams1-ib.adnxs.com/ Frame ACF8
0
845 B
Ping
General
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.businesstoday.in%2Ftechnology%2Fstory%2Fyour-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05%3Futm_source%3Drssfeed&e=wqT_3QLoC-joBQAAAwDWAAUBCJi40ZIGENmek9n1yuuoTxgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAA4HoUEEAh-g0SACkRJMgxAAAAANej0D8w9POrBjj0SUAdSAhQ19qohgFYhfVcYABogs92ePq-A4ABAYoBA1VTRJIFBvBpmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBKUJ1c2luZXNzdG9kYXlfUk9TX0Rlc2t0b3BfNzI4eDkwX0JURl9Ed2Vi2AIA4ALck0jqAp4BaHR0cHM6Ly93d3cuYnVzaRVB9OIBLmluL3RlY2hub2xvZ3kvc3RvcnkveW91ci1hbmRyb2lkLXBob25lLW1heS1iZS1uZXh0LXRhcmdldC1vZi1uZXctbWFsd2FyZS1hc3NvY2lhdGVkLXdpdGgtcnVzc2lhLTMyODY2OC0yMDIyLTA0LTA1P3V0bV9zb3VyY2U9cnNzZmVlZIADAIgDAZADAJgDF6ADAaoDpwYK3gVodHRwOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRWUlZlVnBVWkdwTlJHZDBUVVJCZDAxRE1IZE5SRUYzVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMelV4TWpJMU9UazBPRGszTlRZMU5qSXlNekV2TmpZeU1qUXdNUzgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIZHpSRmswYjJONFQwUkZSVWRKVDNsZldFOTBSSGN2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRrM05EazJOamN2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYEdQ4TXdkMDFFUVhkTVZFRjNUIQQARQUQOjAAEGN2TUM4BXwJCAxVeE1qVvwA2FlXMXpMekF2TVRZd05TODNPQzg1T1Rrdk16SXlMekl4Tnk0eE16Z3VNVGswTGpBdk1DNHdNREEBMPCGME9UWTVOVGMyT0M4eE5qUTVOekE0TXpZNEx6RXpMemswTmpBdi9oel9iQ3p3NlRTektDQjlXUDJkN3d4SkVLWncmbm9kZWlkPTMxNDgmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD01MTIyNTk5NDg5NzU2NTYyMjMxJnNoYXJka2V5PTUxMjI1OTk0Lh0A9DQBcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMyLjM5JnNpZD00NTYyMzEyJmNpZD02NjIyNDAxJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzUxMjI1OTk0ODk3NTY1NjIyMzEaEzU3MTU1NDEwOTIzMjQzOTY4ODkiCTI4MTY4NTMzNSoGMTAxOTM2Ogc2NjIyNDAxwAOsAsgDANgD0sFT4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk0LjE2M6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATX2qiGAYgFAZgFAKAFhKK95f6NpfENwAUAyQUAgeoYAPA_0gUJCQULfAAAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGASEBMSTQBvmrAdoGFgoQCRIZAXwQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6BwGxTAAYACAAMAA4wgZAAMgH-r4D0gcNFYABHgjaBwYBeUwYAOAHAOoHAggA8AeuzA2KCAIQAA..&s=9e65fe00d9e35dbb55fd98ac683707ca87e8d3a3&type=nv&nvt=5&jm=1003&px=286&py=3808&bw=728&bh=90&sid=8236646241691215655&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13302260&sw=1600&sh=1200&pw=1600&ph=4279&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Apr 2022 16:49:31 GMT
X-Proxy-Origin
217.138.194.163; 217.138.194.163; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e24bf2cc-c29c-4376-9ff2-010e8370b266
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.businesstoday.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
wl
t.pubmatic.com/
17 B
125 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=156066
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
98 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=156066
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
98 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=156066
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/550/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.businesstoday.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.businesstoday.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame DEC1
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 09:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Apr 2023 09:13:26 GMT
S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame DEC1
24 KB
24 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.70.99.88.clients.your-server.de
Software
nginx /
Resource Hash
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:29 GMT
Server
nginx
ETag
"5b55f201-5f90"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24464
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26E2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzYyXGVxUYsHHF8rE-gaV2YrYCAAAAAA4AeAEAg&bg=!2dql2p7NAAZAkm7qYJI7ACkAdvg8WoqVWLZWtKvLjcGcWw1ZDPsbblt7inzfupLo0yJXP3_eD0CwrgIAAADQUgAAAAJoAQcKAEi_vGm1FChsWCFf6bXGd_z5PAbHJ8VWwp1WJ0s_75hAiAyE2lPgaQmpIXkirSllTR3vg9AiZ0C7SmzGadcw3MPJ9GjxkFKOqdWZAu7tPOo_8NbsVW6i7DY7ogBVmt5PKwdWIvpGYgzek1XhA0ofvuFo3XtpFVe8VJYY8goVk_7VvbwBt3bC5epZ9-AMPtfq_DK-PsLyvcOf0mnu3EUX5tlnoIBta7SiWv0uFKy2wUvFRa8UG6q1HgnemdndQDovTluNDnvKM-wWnjdhQMhZ4GauLY6qrbX-5_WKutI-w-tTHn6BxlqY8HJrs0JSZUYiSu78rcrTcLCbzRXmUjG8PGYmKPkjV9ayP5z30I7QGtGC9Kzl_OzUrKbUA2WIOz1IoJj2g3hai6dKyEVOmFTeJKIXJI1eE7xuVZIZs924FIsk7t82VxickSv39DRMeDAXeTFkOd-ggWFp4423a7wNOpab3ZlonrVTTJ2tgiKhcFpn8rdBxnrdH2u05qW7adanLP5Vdk2UCaUqi5frte4m7UL2ALx4ZtDF7EKQroOznTmL77harOcM7ObuMd22TYcLWxkYKbvUIP9u2cZQaIAwm8A38cbrrykptu5loEXCYuroLGdfEApmsfiV9gIbCtsE4EvG73SDjo4iKtVYzZzTMHGHahYR0YhfSU6n4cG9SkmXI171GAGHs2OVTjsbZ7nLMfLuqRViC00AhmW5HatnjF1_bfR-hjNpa_8d_tD7x_8SLwLV6JnR5OhjtI-RdTJ_M_zEw7fjoDQHPjgZ05XJrX1XY3fL0Cxcg4RwCKkswGa9rLqCLGRRkpXhJyRBz4rzEdWEeWYhL_EXjWzUZj0yiqsN7dEoQYEecQfXznGqMqolszLOtPy-dz_BwZFpgEcqSBBJeMDUh4CrmTfeg2-QGhSODeTdrduUwuHutwHekVnXRkcGSu56n3yIHcvjWop3nhqFUPV_bjIwMPn0EneybXT97unlet8NvnylZ4hx5H6U47lXwa8P_JZgyHLEwiJEv1jv_SPx-t-jgyzYl-YH25fKlVLSMkGypGgIBLo6yU-ZbS_kdytYswFS2qhpScYH-VuapFn0zAW2veA
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117
adservice.google.com/ddm/fls/z/ Frame 394E
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CODXv9O7jPcCFYRqGwod1LwNLw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6143850777058.117?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame DEC1
0
150 B
Script
General
Full URL
https://hal90008.redintelligence.net/viewability?s=96921400142175700951421011926008&a=4842464f&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=96921400142175700951421011926008&a=1665541e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 16:49:31 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame DEC1
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 2567
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPqCd28WFRP-d2j39W3G9D5cmEVxSllkQYadm7WS1mgaPc4q7WwongUqM3g9ygR3HOXlHpzNn2D9JKRg_W8722NE_sI8WOCE_GXtSnEq4nZl3m2-g3Tj7cMaZxGFqLx9Z5QVWUKeOxguRF&sai=AMfl-YTCP3vtfV_0uYCffNiMs-CptWDhYVnNAv4GA0OvBUA4Iielb9zPTFFdtnt0RYT6YNYf9-OBSptti5O1NX_51U_B8S4DkMnYHQ55MQJMHD_aRrcJt8uKDXmrGDcb&sig=Cg0ArKJSzCSTgp8LagX4EAE&cid=CAASUORopwOP4hoGMN_hgi_tGqmqPhdrOr9svFgyzaJcT4kG5hRhusgQA6OW_1IGoNGWqwnsQ7Vb8pAhInqzOgaHlNo5dE6URiWAwUnGksiRjPmt&id=ampim&o=1135,358&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=370&tls=1370&g=100&h=100&tt=1370&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2880820799
Requested by
Host: www.businesstoday.in
URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.businesstoday.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E843
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsux3xud0VmQ0ltMrIGa9a4F8xbhfWtlw9uq7-plroKLjXhiAeRWCeUF2de-uGf7WehSw_td4stySpW48bCtrFECZpuhsnmLeiXXkZFuDh7KPmaWiRa41A&sai=AMfl-YTqsiief9YXROLx2KVoOuNOkZUOWE9POMWGCgk3wiBWhFqE-9L3FxZJ6mPFNzFwKvzAfSAYeww0wcxN-4GkhvEzQ20CR8UoKT3hWRzmSAyVUPP7guOOmr7ctrdE&sig=Cg0ArKJSzHoDl_nFnwmEEAE&cid=CAASUORoTK5ZWHNWLxm7_vNhTiVlMN0GWlFwInA-uxPONeY0S97cjZCu0UHfG-wVUnVI-Me5or_F6l34sY3efoXs8FuUis5H7VQ5yXaTi_d8nhRR&id=lidar2&mcvt=1000&p=529,276,619,1004&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2437962569&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649695771586&rpt=1034&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 16:49:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.businesstoday.in
URL
https://www.businesstoday.in/service-worker.js
Domain
recengine.intoday.in
URL
https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2
Domain
cdn.izooto.com
URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75234039&p=156066&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails boolean| is_sso_check undefined| ssoUserDetail string| is_ad_free function| GetQueryStringParams function| getLoginCookie string| GoogleAnalyticsObject function| ga object| _comscore function| isMobile string| atViewPort boolean| isPoll function| callJavaScriptFile function| readCookie object| adcookie function| getAdCookie string| ProfileId object| PWT object| googletag object| dataLayer object| storyURL number| storyURLP object| _ttCc function| _ttRunCode number| _ttStRunCode object| _ttCodeLoad function| docReady object| rosURL number| magURL number| magissueURL object| elements object| class2Exclude object| WebFontConfig object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE string| n number| cnts number| tchautoenable object| dataMapping object| WebFont object| google_tag_manager function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key string| abcappid1 string| idForCoki string| idType string| story string| video string| photo string| expirationTime object| date number| dateTimeNow string| cookiePath number| Unix_Timestamp string| platfrom string| apidForCookie object| v_itgd_ls string| parse_json undefined| d undefined| expires boolean| ar_flag_sid object| ar_avd_dup string| s1 string| s2 string| s3 string| s4 string| s5 string| s6 string| s7 string| s8 string| s9 string| s10 string| v1 string| v2 string| v3 string| v4 string| v5 string| v6 string| v7 string| v8 string| v9 string| v10 string| g1 string| g2 string| g3 string| g4 string| g5 string| g6 string| g7 string| g8 string| g9 string| g10 string| scln string| cln number| st1 string| st2 string| st3 string| st4 string| st5 string| st6 string| st7 string| st8 string| st9 string| st10 string| vt1 string| vt2 string| vt3 string| vt4 string| vt5 string| vt6 string| vt7 string| vt8 string| vt9 string| vt10 string| gt1 string| gt2 string| gt3 string| gt4 string| gt5 string| gt6 string| gt7 string| gt8 string| gt9 string| gt10 undefined| ja object| story_ar object| video_ar object| photo_ar object| story_ar_t object| video_ar_t object| photo_ar_t boolean| commonFlag undefined| index_val undefined| a string| s_ar string| s_ar_t string| v_ar string| v_ar_t string| g_ar string| g_ar_t string| cookie_id_frmt object| v object| GlobalSnowplowNamespace function| snowplowAmt function| $ function| jQuery function| Swiper function| logMomentNotification function| getLoginStatus function| itg_push_loyality_point function| keypressInBox object| _sf_async_config number| _sf_endpt undefined| share_href object| _izq object| container undefined| _izAlt object| _iz object| izConfig function| loadVidoomy number| cookietime object| b_Cross object| install_Button function| setCookiePWA function| getCookiepWA function| eraseCookiePWA boolean| slideOpen function| getHeight boolean| heightChecked number| initHeight object| intval function| slideToggle object| mob3dot object| bgShadow object| menuClose object| mobMenuContainer function| windClick function| SwitchTab function| Trinity object| lazySizes object| default_gsi object| google function| mediaBindEvent object| ggeac object| google_js_reporting_queue boolean| mCustomScrollbar function| openHideMenu function| resize undefined| checkVal function| radioChacked function| gdprconsent function| setCookie function| createStyle function| getCookie string| modCookiepolicy function| getGdprStatus function| loadGdpr object| head object| style object| gdprcon string| url boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL function| _typeof function| setAiCookie function| getAiCookie function| getSetAiCookies object| Snowplow object| google_optimize object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __G_ID_CLIENT__ object| closure_lm_563564 function| _izooto string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL undefined| google_measure_js_timing object| CE2BH function| CE_URL_FINGERPRINT object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| iframsAll object| msgData number| lnt_z

38 Cookies

Domain/Path Name / Value
.businesstoday.in/ Name: _ga
Value: GA1.2.713257619.1649695769
.businesstoday.in/ Name: _gid
Value: GA1.2.82590303.1649695769
.businesstoday.in/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: yig_ZNBX2Us
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: FliyFWrgC0w
.scorecardresearch.com/ Name: UID
Value: 185c4de9585d09f90d1af751649695767
www.businesstoday.in/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.businesstoday.in/ Name: _pubcid
Value: 13f29037-cbd0-4b43-a699-60782441ba90
www.businesstoday.in/ Name: itgd_ls
Value: eyJzIjpbWyIzMjg2NjgiXSxbIjE2NDk2OTU3NjkiXV0sICJ2IjpbW10sW11dLCAiZyI6W1tdLFtdXSwiYXBpZCI6IkJUIiwgIlAiOiJ3ZWIiLCAiVCI6IjE2NDk2OTU3NjkifQ==
www.businesstoday.in/ Name: _cb_ls
Value: 1
www.businesstoday.in/ Name: _cb
Value: D61LAtCL8REvgokIh
www.businesstoday.in/ Name: _chartbeat2
Value: .1649695769534.1649695769534.1.s_Lv6DLYbfuC1UWXNBpJg-EC4asBH.1
www.businesstoday.in/ Name: _cb_svref
Value: null
.rubiconproject.com/ Name: khaos
Value: L1UY9LJC-P-IQXH
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3vTbcxdsEQNjpcd3HBZZ775PzI6EyVJjlVAthPpLFZyz92P5S9pRgus8AU9H7Sf1KDa5Er9JXx6X9CCF7gy6Nyv6dwHGRzJ7q8SPrc65LL0g==
.businesstoday.in/ Name: cebs
Value: 1
.businesstoday.in/ Name: _ce.s
Value: v~1b6baae9a55fa340225a93a51d02917546f90fb7~vpv~0
.adnxs.com/ Name: icu
Value: ChgI49hJEAoYASABKAEwmLjRkgY4AUABSAEQmLjRkgYYAA..
.adnxs.com/ Name: uuid2
Value: 998193707175114129
.doubleclick.net/ Name: IDE
Value: AHWqTUkQyL9NWLzAGbNbcmSpRnKf13qQVaY74ED6riuu0lqDUbtO4ZNSosysIH2BZEg
.casalemedia.com/ Name: CMID
Value: YlRcGYxuwX0nuaICePq77AAA
.casalemedia.com/ Name: CMPS
Value: 3189
.yahoo.com/ Name: A3
Value: d=AQABBBlcVGICEBRPiwwtuubN6vdfxLpreOYFEgEBAQGtVWJeYgAAAAAA_eMAAA&S=AQAAArSPGayDiOFIJB_P4Yzajlo
.casalemedia.com/ Name: CMPRO
Value: 1110
.casalemedia.com/ Name: CMST
Value: YlRcGWJUXBkA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mathtag.com/ Name: uuid
Value: 95f06254-5c19-4900-bbc0-e258daeeafd7
beacon.lynx.cognitivlabs.com/ Name: UID
Value: bb4a333f-d62d-4c2d-a76b-2cc6a251c93e
beacon.lynx.cognitivlabs.com/ Name: ss
Value: uTTVlRPSruuLq6AD8mrIrFU68kX8XKc22rCTQchERV2V8Ehex2p2TRHvG8KKR2SwEEI2jToKVz%2FBW4CVE3ryHA%3D%3D
.adsrvr.org/ Name: TDID
Value: afdfca32-af49-47be-8ae7-54c12057fe3e
www.businesstoday.in/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22afdfca32-af49-47be-8ae7-54c12057fe3e%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-11T16%3A49%3A30%22%7D
www.businesstoday.in/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-04-11T16%3A49%3A29.751178Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.amazon-adsystem.com/ Name: ad-id
Value: A0DrKDkFRk15vbf50hZd1uo
.casalemedia.com/ Name: CMRUM3
Value: 2d62545c192760CAESEHerI2DKFYLPIZbK-UQXaSA&e662545c192760&2762545c190b40&0862545c192760bb4a333f-d62d-4c2d-a76b-2cc6a251c93e&2962545c1905a0&0562545c1905a0&0362545c1905a0&f162545c1905a0
.businesstoday.in/ Name: panoramaId_expiry
Value: 1649782169808
.businesstoday.in/ Name: __gads
Value: ID=dc07155f1f7627a4:T=1649695769:S=ALNI_Ma47f3PVtbBWLGj3boxjjz2zMg7nw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: a7f8922cd800ea4f

12 Console Messages

Source Level URL
Text
network error URL: https://recengine.intoday.in/recengine/bt/getmixarticles?model=BT&utm_source=recengine&utm_medium=web&content_id=328668&count=10&login_id=&src=story&target=story&uid=
Message:
Failed to load resource: the server responded with a status of 500 ()
javascript error URL: https://www.businesstoday.in/technology/story/your-android-phone-may-be-next-target-of-new-malware-associated-with-russia-328668-2022-04-05?utm_source=rssfeed
Message:
Access to XMLHttpRequest at 'https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2' from origin 'https://www.businesstoday.in' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-R8oaYIARGp5O+/OjZj8ioOMjfLKIU77KDD3CxrmGa8E='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-3WF4AZ03PTjwhgfOJG2rgAgg5Njasb6sXPo0b2j2AWA='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-R8oaYIARGp5O+/OjZj8ioOMjfLKIU77KDD3CxrmGa8E='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-lzPCrwEsJx4z9j7ogCJqfHXkhZdEIxSGPLnC4iTfEFw='), or a nonce ('nonce-...') is required to enable inline execution.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a91513531535eb6cd4d9ed28b61a22d2.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
akm-img-a-in.tosshub.com
ams1-ib.adnxs.com
assets-tracking.crazyegg.com
beacon.lynx.cognitivlabs.com
cdn.adnxs.com
cdn.ampproject.org
cdn.contentspread.net
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90008.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
jnn-pa.googleapis.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
recengine.intoday.in
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
script.crazyegg.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
sync.mathtag.com
t.pubmatic.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.crazyegg.com
www.businesstoday.in
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cdn.izooto.com
image6.pubmatic.com
recengine.intoday.in
www.businesstoday.in
138.201.135.164
138.201.63.150
142.250.181.230
142.250.185.130
142.250.186.162
185.33.220.145
185.33.221.89
185.64.189.226
2.20.156.240
2.20.157.55
204.237.133.116
216.200.232.249
216.52.31.49
23.205.235.133
23.32.59.34
2600:9000:21d7:400:18:1fcd:34f:cdc1
2602:803:c004:200::143
2606:4700:20::681a:bd1
2606:4700::6812:d941
2606:4700::6813:9308
2a00:1288:80:807::1
2a00:1450:4001:800::2001
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:813::2016
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200d
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
2a02:26f0:3500:580::1ac0
2a02:26f0:3500:894::1ac0
2a02:26f0:3500:89b::1ac0
2a05:d018:d29:3602:2e18:881f:6e30:56a8
3.228.229.208
3.248.131.63
35.175.55.208
51.75.146.199
52.223.40.198
52.46.130.91
52.94.220.185
54.77.91.70
69.173.144.138
69.173.144.139
74.121.143.241
88.99.70.21
92.122.147.28
95.101.184.254
99.86.4.128
99.86.4.3
99.86.4.55
04be4f23e1135a2993e7a58d5e23a4868f331c1c9cd3f09482f054ac0006f4d7
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c859afdf0d25e53253cd00a23c0a8b11a04c4c8b80bd803dfe1a2ef1a13d1c9
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ffb113993e253be3eec2efc880455e05037f1a3d35f666c880671ef4fece280
104f0957b57cd033c5c25d405e9113a5e98639bbe0a38005046bffe2e05697af
10e5b201a55b7a54cc436c5aa79ed2aa8f117e38e68dec01ddb00cdb36aa67f4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16e35c56efa545782c446eb31b3c9fba6a8dcfbbd3ee3aea81e199953f845940
1738140ec0500314c72c33f8374b1f91f742504ceae31971fe1691f5b1dbf2bd
1760708344a04220b5d0242c03f3dd26d57fda79aef73150511613a53001ca39
1a123f05789044051604900c7b3a111e2d4725fb1e5483bdb40a2ccc3d2143d5
1bdab2f84a5631889cd1b54550dc1330b94bcd7f87a75f167c0be2513d291a28
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1fb81ca8b101a61c74c3eabd324dff14282581888d1adc4a4c6d1d314157ddc4
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
21bb37935fef9773d655a8cbd7e2d1d12a74aa5b96d59025997b8336d9327c94
2376d8cb428c2af90520bb2d02bf54dd09a500ac57d31ea487157d224f42002e
25132b45d865d91cf834922bd594f2d2d0448512924f6fc905c11bfb26adf165
26ad50c5c8eb132fdf7e17a607f91351453d5f9abcad27d55e71006a1ffc913e
26fccb658a45dcf76062e830e2ff552f4dc79c3add33db4dbc6b36ed4fc297a3
2a13bdadbd947de81c093369bf09d9eef0902b1ab5941f9497d6d796b19fc7ce
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
327be9b1cbcca51410216533c9ac4410ac4eb11c5d81d86e57eaba40496875aa
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37d00d91a4f6919526eea7dda97facfbbf369b541d5983e5958b473398f96922
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df18d8bcc7c11a845266d71944125dc53006b56b44a3fb5b6b635268ef00822
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40790d44e3deecffafb17b8cdd23a754eabb0faee9c6dfeb3a3b7b17c2fbaa6a
40d945676c751eb896b8fcf330573d2beab64fdcadb74624606c4414ed21207b
423084fc341ce4272730c0f54b954c269c0bb38fd8269857d2a6ccddb039e8a6
42e7de41a233cfcdd7d8e6b129d36836d23ac94f15c689bba604150941bd509e
44a6a315ed1bbdcc19939f3183fb7a2f7f83c16cefcc903185284d849f7ffcfb
4709716119a7428d27db284884cd50414a6510baae565aba79e949adfb0ce3de
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
498f34c0db7c4019cbdedd7ad7b10b03a757c144526f6cf48a3004abdcfe3b25
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4a7a842996691268c0e2a55b63c8f76f87f0336a95cca98b24d399959e03c693
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8
50608a903ebd6a878462bb7dd03e64d1aecb413d086fd77e2476e582a6adf6c0
50c4ec9289ae615e71908846d3164caf8bc16c61a22fe59a819e464a6100c193
513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090
52adda577f454b0cd3cf5c53729295990e852cecbf612d9b52a39afb62fdf26f
52fd0f39e6b408309d7455fb1882324ba4609f269640cb3423b2053655b56834
56117a981225a9b337ac853ac759925fbe6356c153fc432ab81b0a2d56cceacf
57a7519c1d48faca976b1c6f9e3a9091cd35e3c93ae07389835a293448e2a1d3
5f5f021602b67755898f4138b0c263451dbc3d7b50d11ed6239975f2c456d90a
62270576c6d854faa40d80c69add9e452c451bab9d0f6144c7f79815b029dcce
63c74efceab763fcfc9203970ada423a9c3b4ba399a1f65e1d3dc22b51ccca64
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02
6edf3e83cbcec12731cf5e9640f27de793eb0b1d256fb3e2ce5769875f5f5016
7507d83f8747bc17511083a8242e88fb182c95c038a47f025e67a89a7c2bcffd
78039c286cb0c22c87f8fa3b1997dfc78151e6852989ab465db5bc9616574f29
7a36953d8c9c0e8b19dc478d9bbcf13312609437b21eed3301f50eb0db0d14ac
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7e5695c2105ad7a70e127b7912b47b64bc4550e63d4023390f5c028b9a0d1595
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8657b6a85995ea86f4e8b2cd084095476f54c13dd6a684010b1528ad79b086ea
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
905458c959451dd54e97f28e9dd448fbda086b2f5ed73f8c4879cb5a82421dc9
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
99bb5faa9615340d1ec91fc1de173d8d6bd2ccdb19a93e9714cd042013c3e831
9ca9dc428aa0ce134c2cdbbfe58fae1ef7c4468aa8f0d8fab99040327f8f7e20
a1018169cd7cb8287fbdbb5cbbbf77bf0f7cc585d33a7c22793f052f1d739435
a13bf9293566f9c82a0f2c4e1f2b7a7dda6ef0206962b7da05da66cfd0508729
a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19ee49da54bcc183d7900b2acf1f89ee6e34d4bd5fc66711fdf3716743e9377
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa781059f6768a3d3c986ae32f921f3eed9320451c91ee20ebb9effd6a15b42e
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d4b8a571591a7fb23ac2dc9a3252192d25de323a5dfe5c56d67e4447910c6e
b34abdfeadd6cb6c90d36cd04a92d10e4f1c7611c2f82c134a05f51d22a9ff77
b4662dc3640227f50e5c2bae4f5b6d8fffc788f4a10799c60f5a8b5e9cfb6939
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbd1ee1a8f65a79557da9f34938083f8e92d94da746b279723b16133e5049bc9
c048d74f23f7e531f204350fbf735d4cead36cf206e12a1f3ded35304cc3744d
c11cb2c6c64f64bcc10ce5465a02099c66ca774e79647046afed52774d06e679
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2acbf4a77fc8756062b3a78fa5f0f91ae5bceba0c580d506257bc179c1c28a2
c3c7fb03e1ddbd9a33d9c91db10b8820e0260e265165630e9adcba6808a02b34
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c59c2b0a178da329a10eeb7ea71656437ce251655d9e6da72e36ec2051814aea
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7c196d15238cb625027716c612d34bd5c3c4347479452579b5b450b8107508b
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
ce27cb2315b299a5392b7b46bd80ce2fb2964fa26dea47043889d5599fe5e553
ce553c8c06c6bcd38430f34669788440eb98730f24d5df50e31b34f2d96d9611
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d300a6e58b0c32c6b1560912ab019fbd929f371c6b30618a024952bac7eb7104
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d869579f5717306aa8f2141ff971cdf8049962eb9b318c9c941b438af6da1fd5
db654d72138b7b3b225eddad5517641279cff0c56bd23ffe5e05f198853cab3a
dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462
dcce9599b3809b567c5802c3a73491a9842e41e50431fc22b115261c9f960ced
de826da05f2e54f8fe37923f9f73961558284163e3c1813878c2cf5a03d7dc66
df277dd293d42b5baf4d4632f0535e82d62988c738faf9ed83e404e539a4a833
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
e1900630ba388f24e8684e1471fa09e3485ced52ee6e300e34fc071a1facce4b
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82756cab7fba4593496e132a6e1c70ee5f6deaf020dfa4404ac2baf3aff5f3d
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
eab9cf5fee7703c6c5c38821f4dca5a7c867c8ebffd835581255f9211b753f9a
eb3c6bb58280a9f49e213bd2f184b3ec062f79caf4bdb71a9427ebe780064d49
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054ffbc9c3b84e278fb0671492dbeb26ef5039db02537f9307aea925a02c2ad
f15ad02b2ddf09e38a5a8b555d56f3df517799a276bc3c50cadbb6b2b8ef1bf2
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
f4c141a094f0ad452e7da9220d887d4ba758cf2e88ff01332711c2801bf8ba9e
f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c
fc87853f85b8d74768aee6a2803bc66caa46001443b62faab08c0843fdc3a00b
fd65a5c92613b1a231f11a30003b9f924ecdfff113905a7dc9de99db6c595f18
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167