Submitted URL: http://paypal-aktualisierungsdienst.xyz/
Effective URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On February 04 via api from IT — Scanned from IT

Summary

This website contacted 47 IPs in 7 countries across 32 domains to perform 94 HTTP transactions. The main IP is 2a02:26f0:3500:88e::24e8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.ndtv.com. The Cisco Umbrella rank of the primary domain is 60639.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 22nd 2024. Valid for: a year.
This is the only time www.ndtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:237... 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 184.30.16.195 16625 (AKAMAI-AS)
3 108.138.32.75 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 18.245.60.76 16509 (AMAZON-02)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 18.235.227.186 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.64.190.82 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.36.117 16509 (AMAZON-02)
1 18.173.191.32 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 185.64.189.116 62713 (AS-PUBMATIC)
1 104.18.36.155 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 184.30.16.183 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 185.89.210.244 29990 (ASN-APPNEX)
1 69.173.144.139 26667 (RUBICONPR...)
1 35.244.193.51 15169 (GOOGLE)
2 141.95.33.120 16276 (OVH)
1 54.77.240.162 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 185.64.189.226 62713 (AS-PUBMATIC)
1 141.95.98.65 16276 (OVH)
94 47
Apex Domain
Subdomains
Transfer
10 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 19598
vuukle.com — Cisco Umbrella Rank: 6350
api.vuukle.com — Cisco Umbrella Rank: 26492
publish.vuukle.com — Cisco Umbrella Rank: 23535
216 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
ssl.google-analytics.com — Cisco Umbrella Rank: 570
region1.google-analytics.com — Cisco Umbrella Rank: 2029
39 KB
8 ndtv.com
www.ndtv.com — Cisco Umbrella Rank: 60639
alerts.ndtv.com — Cisco Umbrella Rank: 88437
cdn.ndtv.com — Cisco Umbrella Rank: 68827
wapi.ndtv.com — Cisco Umbrella Rank: 113939
203 KB
7 gstatic.com
fonts.gstatic.com
251 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
ut.pubmatic.com — Cisco Umbrella Rank: 7383
ow.pubmatic.com — Cisco Umbrella Rank: 1571
image6.pubmatic.com — Cisco Umbrella Rank: 805
t.pubmatic.com — Cisco Umbrella Rank: 3180
171 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2616
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
120 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
169 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
444 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
76 KB
3 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
12 KB
3 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 598
ib.adnxs.com — Cisco Umbrella Rank: 253
19 KB
3 google.it
www.google.it — Cisco Umbrella Rank: 24744
669 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1685
mab.chartbeat.com — Cisco Umbrella Rank: 2582
26 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
942 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1389
c.go-mpulse.net — Cisco Umbrella Rank: 624
48 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
2 ndtvimg.com
i.ndtvimg.com — Cisco Umbrella Rank: 89167
18 KB
2 paypal-aktualisierungsdienst.xyz
paypal-aktualisierungsdienst.xyz
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
272 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
420 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
315 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1517
248 B
1 akstat.io
02179915.akstat.io — Cisco Umbrella Rank: 71605
200 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 683
298 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
379 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
540 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 646
357 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1396
201 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
19 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 7478
320 B
94 32
Domain Requested by
7 fonts.gstatic.com fonts.googleapis.com
www.ndtv.com
6 cdn.vuukle.com www.ndtv.com
cdn.vuukle.com
6 www.google-analytics.com www.ndtv.com
www.google-analytics.com
5 www.googletagmanager.com www.ndtv.com
www.google-analytics.com
www.googletagmanager.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 www.google.it www.ndtv.com
3 region1.google-analytics.com www.googletagmanager.com
3 sb.scorecardresearch.com 1 redirects www.ndtv.com
3 c.amazon-adsystem.com www.ndtv.com
c.amazon-adsystem.com
3 cdn.ndtv.com www.ndtv.com
3 www.ndtv.com 2 redirects
2 id5-sync.com ads.pubmatic.com
2 ib.adnxs.com 1 redirects www.ndtv.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 ow.pubmatic.com ads.pubmatic.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google.com www.ndtv.com
2 securepubads.g.doubleclick.net www.ndtv.com
securepubads.g.doubleclick.net
2 api.vuukle.com cdn.vuukle.com
2 ads.pubmatic.com www.ndtv.com
ads.pubmatic.com
2 static.chartbeat.com www.ndtv.com
2 fonts.googleapis.com www.ndtv.com
2 i.ndtvimg.com www.ndtv.com
2 paypal-aktualisierungsdienst.xyz 2 redirects
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 t.pubmatic.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 02179915.akstat.io s.go-mpulse.net
1 token.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 u.openx.net ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 a.teads.tv ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 region1.analytics.google.com www.googletagmanager.com
1 publish.vuukle.com cdn.vuukle.com
1 trc.taboola.com www.ndtv.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ut.pubmatic.com ads.pubmatic.com
1 vuukle.com cdn.vuukle.com
1 c.go-mpulse.net s.go-mpulse.net
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net www.ndtv.com
1 wapi.ndtv.com www.ndtv.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 s.go-mpulse.net www.ndtv.com
1 ssl.google-analytics.com www.ndtv.com
1 alerts.ndtv.com www.ndtv.com
1 www.googleadservices.com www.ndtv.com
1 bit.ly 1 redirects
94 54
Subject Issuer Validity Valid
ndtv.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-22 -
2025-01-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-05 -
2024-05-04
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
www.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.google.it
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
teads.tv
R3
2024-01-22 -
2024-04-21
3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2024-01-23 -
2024-04-22
3 months crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2023-10-08 -
2024-11-06
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.eu-1-id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Frame ID: 38E106C06741336819070EFE46F83CD0
Requests: 84 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Frame ID: 88C9EB9CD9261FD35976083AA7988C3C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FE21C96BF4EF65F9392B46C9B7388DF5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E760A1EBDF1D6EC3870D24F54DC5376
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 39F8F26B13208921E330FAD58F89C83D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: 8A5BAEEE017B8EA937099DCC90389D2C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5D0471A4F60F76C1E2EAF7CB473A3B6E
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Barack Obama of the Moneygall O'bamaslivetvarrowprintemailchatlinkedinredditWhatsAppfacebooktwittermorenotificationsearchsnapchatkoo

Page URL History Show full URLs

  1. http://paypal-aktualisierungsdienst.xyz/ HTTP 301
    https://paypal-aktualisierungsdienst.xyz/ HTTP 301
    https://bit.ly/mtajfF HTTP 301
    http://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976 HTTP 301
    https://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976 HTTP 301
    https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

94
Requests

98 %
HTTPS

49 %
IPv6

32
Domains

54
Subdomains

47
IPs

7
Countries

1844 kB
Transfer

5559 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paypal-aktualisierungsdienst.xyz/ HTTP 301
    https://paypal-aktualisierungsdienst.xyz/ HTTP 301
    https://bit.ly/mtajfF HTTP 301
    http://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976 HTTP 301
    https://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976 HTTP 301
    https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://sb.scorecardresearch.com/b?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&c8=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&c8=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&c9=
Request Chain 83
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

94 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request barack-obama-of-the-moneygall-obamas-456639
www.ndtv.com/world-news/
Redirect Chain
  • http://paypal-aktualisierungsdienst.xyz/
  • https://paypal-aktualisierungsdienst.xyz/
  • https://bit.ly/mtajfF
  • http://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976
  • https://www.ndtv.com/article/world/barack-obama-of-the-moneygall-obamas-107976
  • https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
318 KB
86 KB
Document
General
Full URL
https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31045f3263a60475cf70a26be700eac776452dcd1ba71dea8772b845e93be9fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=488
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Feb 2024 03:53:09 GMT
expires
Sun, 04 Feb 2024 04:01:17 GMT
pragma
public
server
nginx
server-timing
cdn-cache; desc=MISS edge; dur=114 origin; dur=733 ak_p; desc="1707018788914_388276626_1766868561_84771_7642_30_0_255";dur=1
vary
Accept-Encoding User-Agent
x-akamai-transformed
9 - 0 pmb=mRUM,1

Redirect headers

cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 04 Feb 2024 03:53:08 GMT
expires
Sun, 04 Feb 2024 04:53:08 GMT
location
https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
pragma
public
server
nginx
server-timing
cdn-cache; desc=MISS edge; dur=95 origin; dur=301 ak_p; desc="1707018788414_388276626_1766867698_39578_7775_30_65_255";dur=1
vary
User-Agent
ObamaMoneygall_295.jpg
i.ndtvimg.com/mt/2011-05/
13 KB
13 KB
Image
General
Full URL
https://i.ndtvimg.com/mt/2011-05/ObamaMoneygall_295.jpg
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4ec474d4ac2290cc9c0d2b52b7684e81a787bfa7e6766891f00b567a0b7eda9e
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
strict-transport-security
max-age=600
last-modified
Sat, 20 Jan 2024 18:54:54 GMT
server
Akamai Image Manager
etag
"f2a59a6eeae86ca787aa24da6f3bc2bb:1402311248"
content-type
image/webp
cache-control
private, no-transform, max-age=1350106
content-length
13388
expires
Mon, 19 Feb 2024 18:54:56 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Feb 2024 03:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
300
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 04 Feb 2024 05:48:09 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 02:47:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Feb 2024 03:53:09 GMT
chartbeat_mab.js
static.chartbeat.com/js/
24 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 19:19:17 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
30833
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
lIn25i3SInfnza0ESwLFITZHHO7F062xPZffVdtPsUSJCnfWkR-5_w==
expires
Sun, 04 Feb 2024 19:19:17 GMT
obamaireland120.jpg
i.ndtvimg.com/mt/2011-05/
4 KB
4 KB
Image
General
Full URL
https://i.ndtvimg.com/mt/2011-05/obamaireland120.jpg
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
02f0725327443355963db948f2741fffc703eec5dc7ec6dcfefd72fada1a78d4
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:12 GMT
strict-transport-security
max-age=600
last-modified
Mon, 09 Jun 2014 10:41:19 GMT
server
Akamai Image Server
etag
"433f3bcc00386d2cc834c0cac66b382e:1402310479"
content-type
image/jpeg
cache-control
private, max-age=300
content-length
4190
expires
Sun, 04 Feb 2024 03:58:12 GMT
conversion.js
www.googleadservices.com/pagead/
50 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
13d4afb5c29bd38d480fec23cc34acaeace989a0469ed21d266d55966e14d950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18840
x-xss-protection
0
server
cafe
etag
8842199210432276996
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 03:53:09 GMT
web.png
alerts.ndtv.com/images/
4 KB
4 KB
Image
General
Full URL
https://alerts.ndtv.com/images/web.png
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:597::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04e835d76058e5b931b8308d423c80a750ee724f589d5278f54b436409e0ba11

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
last-modified
Mon, 20 Mar 2017 08:10:06 GMT
server
AmazonS3
etag
"329695ad5b24909514ffefdbb3f8c344"
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
3763
expires
Sun, 04 Feb 2024 03:53:10 GMT
common_script.js
cdn.ndtv.com/static/js/
139 KB
56 KB
Script
General
Full URL
https://cdn.ndtv.com/static/js/common_script.js?ver-20240117.06
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a7e90a4b19d2e01f93f2fa38376ae2edb5494934a2ead9ac38fad062fd29db8
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000
last-modified
Fri, 30 Jun 2023 10:39:09 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
content-length
56750
expires
Tue, 04 Feb 2025 03:53:09 GMT
custom.js
cdn.ndtv.com/static/web/js/
49 KB
16 KB
Script
General
Full URL
https://cdn.ndtv.com/static/web/js/custom.js?ver-20240117.06
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a1fb70714cf9f0185ecedec111f80ff266fdf7a4e8feac77588e049aef32966
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000
last-modified
Fri, 30 Jun 2023 10:39:03 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
content-length
16568
expires
Tue, 04 Feb 2025 03:53:09 GMT
swiper.min.js
cdn.ndtv.com/static/web/js/
125 KB
40 KB
Script
General
Full URL
https://cdn.ndtv.com/static/web/js/swiper.min.js?vvvver-20240117.06
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3c687666850217c5a5477ac42cda73888e783ba56a49e56fe1321418f713e3f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000
last-modified
Fri, 30 Jun 2023 10:39:03 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
content-length
40418
expires
Tue, 04 Feb 2025 03:53:09 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158451/3766/
530 KB
164 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4212716490d50160bdc1d5fad4da1470c6ac66aa0a02694b4d1c1556125ffc8f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 07:27:45 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40003
accept-ranges
bytes
content-length
167264
expires
Sun, 04 Feb 2024 14:59:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/
286 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:31:28 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2024 21:58:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1303
x-amz-server-side-encryption
AES256
etag
W/"e27d9780852534fd18cbcc0472fcbb38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
hoRPimc9WG98XgphySuuP6rnI6nSs0KCQIx_gWNiofMB_2GqbvnFIA==
gtm.js
www.googletagmanager.com/
396 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2R2KQQ
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52df8dea65fa6b2b44e8a8cb4ccb3d75a859740ee798051791457bfe5dedd2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109751
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Feb 2024 03:53:10 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Feb 2024 01:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
7093
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 04 Feb 2024 03:54:57 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 06:20:49 GMT
content-encoding
gzip
via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
77573
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2J7mRX9C62PT9WCOOhtSjlk8wdvbRV3WFLUeShhqaVoPvhfwu4xtbg==
chartbeat.js
static.chartbeat.com/js/
38 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 07:29:21 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
73429
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
HR4lb6yaaEaMvbLPCFvV2Lqv9-oPifu0wk9xjRYL10mf0uM6li6zew==
expires
Sun, 04 Feb 2024 07:29:21 GMT
P4S98-FTZ59-DVK4T-C5SG5-AXGYM
s.go-mpulse.net/boomerang/ Frame 88C9
187 KB
47 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:09 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Tue, 19 Dec 2023 11:15:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
47928
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e4e0644a8cc0fcbfa80087d7b4b01ed78b002161c806a48b82cbcc0ba8990e

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
platform.js
cdn.vuukle.com/
255 KB
64 KB
Script
General
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d386bb14806fffe9984adc41f531784717b496bba05ff75a5c801584bd6e53b9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
HIT
age
142698
cf-polished
origSize=261531
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 12:12:25 GMT
server
cloudflare
etag
W/"65b8e7a9-3fd9b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
84fff70dd991baa9-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:51:53 GMT
x-content-type-options
nosniff
age
378076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:51:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:29 GMT
x-content-type-options
nosniff
age
378160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
x-content-type-options
nosniff
age
377885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:55:04 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:46 GMT
x-content-type-options
nosniff
age
378143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:46 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
412975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 09:10:14 GMT
collect
www.google-analytics.com/j/
15 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457833730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&ul=en-us&de=UTF-8&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=277926471&gjid=1657606609&cid=832803489.1707018790&tid=UA-2598638-50&_gid=705752003.1707018790&_r=1&_slc=1&z=472238414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3565678f6bd5ac4fc92dd56f249d01ea70a6f2936b7369e7a0b31973a86ec7d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
80 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457833730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&ul=en-us&de=UTF-8&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1656580757&gjid=813944888&cid=832803489.1707018790&tid=UA-11243047-47&_gid=705752003.1707018790&_r=1&_slc=1&z=318559064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
af6e30d382e04449d8017703dc06364468f567b4a059bde07ea05b200b3b2f50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
80 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457833730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&ul=en-us&de=UTF-8&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1067097038&gjid=740813397&cid=832803489.1707018790&tid=UA-2598638-73&_gid=705752003.1707018790&_r=1&_slc=1&z=1244600689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6439b6200c9fa283a62a4a2acac93ed84a074d25a6b9fb5263e4e1b305479e70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
233 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2P3XKYJEE0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b31307b4f33e47ec3e494cf7625caad2e5040e1131e12cdf0823318840778631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 03:53:10 GMT
js
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PWX0ZGZBS2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f744c8c70e50816f54611b8d0e2af16dce75a821d90c5845cf7fa5cd8085d3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 03:53:10 GMT
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DM9HXDHYVN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64d5eea111433d271a14ae900a43e4ec16df854d531085ec59ae7ce692aedc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83942
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 03:53:10 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/968076326/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968076326/?random=1707018790013&cv=9&fst=1707018790013&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&tiba=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c0f8736a6e2c6764cef201cfb4c0bfc9124d573e7325d6e1b42f304222d14ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geo.json
wapi.ndtv.com/
144 B
401 B
XHR
General
Full URL
https://wapi.ndtv.com/geo.json
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:782::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9159897253ee53b42132ea1ca8e0fd4362eb07806ee0d63489838bffd403006e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,HEAD
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, private
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
144
expires
Sun, 04 Feb 2024 03:53:10 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=ndtv.com&p=%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&u=xtcyWoZp2TBwA4KR&d=ndtv.com&g=34512&g0=world-news&g1=Associated%20Press&g4=story&n=1&f=00001&c=0&x=0&m=0&y=2873&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&b=2424&t=B0TxFhjTZn_BG1PCHT7k8BqK_AT&V=143&i=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&tz=-60&sn=1&sv=BhLEFkDX-oqgBvgKtMDzcNOoBDm5yX&sr=external&sd=1&im=067b2fff&_
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.227.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-227-186.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
202 B
514 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=ndtv.com&domain=ndtv.com&path=%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2557060cfea9d7b9acda662923f3a15d0f1b89d129c7ec3821fee97a6d4effb3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
161
x-served-by
cache-mxp6926-MXP
x-timer
S1707018790.122564,VS0,VE109
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 02 Feb 2024 03:53:10 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-45...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-4...
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&c8=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&c9=
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
AnFOBQvbk2YH0pq5YN3-DIPkNUvnuE3-llUv0zxxBpeGDl5pPZiogA==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 04 Feb 2024 03:53:10 GMT
via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=9548033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707018790077&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&c8=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&c9=
content-length
0
x-amz-cf-id
TgEJ2p2rYTLv5y4pwjb3ypX89PwT9Fijyd3APFmlnpc2fzEgnLXmQA==
config.json
c.go-mpulse.net/api/ Frame 88C9
5 KB
1 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=P4S98-FTZ59-DVK4T-C5SG5-AXGYM&d=www.ndtv.com&t=5690063&v=1.571.0&if=&sl=0&si=4bww7r9xknm-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fb063049df67e3bc7be6d5d272f740e2b7e6bd86779545c9f8ea5c78b04b6c44

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sun, 04 Feb 2024 03:53:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1090
getGeo
vuukle.com/
90 B
371 B
XHR
General
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ece5b8e156c5ba5102189d1a6d52de6b434ebfc083b6a21a22f29165573af28

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
accept-ch
sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-viewport-width
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cf-ray
84fff70e8df94c6e-MXP
alt-svc
h3=":443"; ma=86400
PublicConfigs
api.vuukle.com/api/v1/Publishers/
2 KB
1 KB
XHR
General
Full URL
https://api.vuukle.com/api/v1/Publishers/PublicConfigs?apiKey=e6741053-104a-43d2-8bd8-b2536529f5cd&host=ndtv.com
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81187c68b59723085a138cbd33d1ba3215bfe06d01907a6ece5218b6cbbdd33a
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
via
1.1 varnish (Varnish/6.2)
content-encoding
br
cf-cache-status
DYNAMIC
age
0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
286720511
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
access-control-allow-credentiails
true
cf-ray
84fff70e897b5274-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ndtv.com.js
cdn.vuukle.com/domain-configs/
309 B
284 B
Script
General
Full URL
https://cdn.vuukle.com/domain-configs/ndtv.com.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef500c2cedea8edd67fe512ba6f09259dcb8b8d6fd8d0f508c2d18d189ff1f47

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
HIT
age
178040
cf-polished
origSize=416
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Feb 2024 15:21:57 GMT
server
cloudflare
etag
W/"65bbb715-1a0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
84fff70e39a9baa9-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
geo
ut.pubmatic.com/
12 B
93 B
XHR
General
Full URL
https://ut.pubmatic.com/geo?pubid=158451
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b50f5b57f7fb73d2886582d86d91457c602304f00052be06eb6612273616ca9

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 04 Feb 2024 03:53:10 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/
102 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f95d903e3857bdf6992f27b8e2e955df1abc0717e3471c99400408e8fca3261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30540
x-xss-protection
0
server
cafe
etag
895 / 19757 / m202401290101 / config-hash: 8558731290873694684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 04 Feb 2024 03:53:10 GMT
prebid3.js
cdn.vuukle.com/static/
448 KB
145 KB
Script
General
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbc1d6d55e90d54956dd8aa41d8edfb36f72f11125b04cdba0efad8fd875ce7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
HIT
age
517318
cf-polished
origSize=608215
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 30 Dec 2023 16:47:33 GMT
server
cloudflare
etag
W/"659049a5-947d7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=43200
cf-ray
84fff70e7bbcbb25-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ndtv.com.json
cdn.vuukle.com/ads/
19 KB
1 KB
XHR
General
Full URL
https://cdn.vuukle.com/ads/ndtv.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24497e2b078bb567c8d1fa423acec40bff7878bd1c3cd85db8be96a6c1877806

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 01 Feb 2024 15:21:57 GMT
server
cloudflare
etag
W/"65bbb715-4d13"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
84fff70e89200e77-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400
5d5467fe-bc8c-4335-993a-e0314547592e
config.aps.amazon-adsystem.com/configs/
564 B
831 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/5d5467fe-bc8c-4335-993a-e0314547592e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-117.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
29b202782287f48ed7521f38eb037863fce228a4a47faf133fe206ab11de55b5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:11 GMT
via
1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
32wJNe_OoLYiuU89iP2Mzuxff2n3MMzmBBqbdT5sd7JeuFAkwlk9Bw==
config
c.amazon-adsystem.com/cdn/prod/
0
308 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ndtv.com&pubid=5d5467fe-bc8c-4335-993a-e0314547592e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 02:16:28 GMT
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
5802
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
xv1-NHLioytfEnL4ouxhLJ8PESat6qcuABIeNtbxZg6rlmxAVqRyPw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
356 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&pid=esM5mnuY4ULwd&cb=0&ws=1600x1200&v=24.129.1645&t=1000&slots=%5B%7B%22sd%22%3A%22adslot728x90ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_ISP_728x90_ATF%22%7D%2C%7B%22sd%22%3A%22adslot300x250ATF%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_ISP_300x250_ATF%22%7D%2C%7B%22sd%22%3A%22adslot300x250BTF2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1068322%2Fndtv_news_ros_300x250_btf-2%22%7D%2C%7B%22sd%22%3A%22adslot300x250BTF%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_News_ROS_300x250_BTF%22%7D%5D&pubid=5d5467fe-bc8c-4335-993a-e0314547592e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
via
1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
95O1fDmKFIU2_nKhhZMCFaJjMIoSheJ3yAjy9HtCqdk-VXDyAYH76Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
date
Sat, 03 Feb 2024 06:31:21 GMT
x-amz-cf-pop
MUC50-P2
age
76910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6f3yiaIRWhgoV23hlP3vxZ51CjgHnqfPhrhACjyuU1c6omihytLByA==
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PWX0ZGZBS2&gtm=45je41v0v9124007173za200&_p=1707018789889&gcd=11l1l1l1l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=832803489.1707018790&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sid=1707018790&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2542
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PWX0ZGZBS2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2P3XKYJEE0&gtm=45je41v0v9125931648za200&_p=1707018789889&gcd=11l1l1l1l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=832803489.1707018790&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sid=1707018790&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2554
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2P3XKYJEE0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cnsnt.platform.js
cdn.vuukle.com/
4 KB
2 KB
Script
General
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca27de9b49927f4f88540f690be49d9700ea7d3dbc1b5200d81e440f4f5c000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
HIT
age
5691
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 12:12:21 GMT
server
cloudflare
etag
W/"65b8e7a5-f1d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
84fff70ecbe2bb25-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
/
www.google.com/pagead/1p-user-list/968076326/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/968076326/?random=1707018790013&cv=9&fst=1707015600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&tiba=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_k6S5mHxajqwzU2K9uO_TAjrA-4TsmQ&random=3991518604&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/968076326/
42 B
455 B
Image
General
Full URL
https://www.google.it/pagead/1p-user-list/968076326/?random=1707018790013&cv=9&fst=1707015600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&tiba=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_k6S5mHxajqwzU2K9uO_TAjrA-4TsmQ&random=3991518604&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DM9HXDHYVN&gtm=45je41v0v9125114098za200&_p=1707018789889&gcd=11l1l1l1l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=832803489.1707018790&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sid=1707018790&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2579
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DM9HXDHYVN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
268 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XQCGTLW8NV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2R2KQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ca5db60d70a8a30f48d83f016cee4a0ef929c4ed1205231766b01c6d6950f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91903
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 03:53:10 GMT
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=457833730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&dp=%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&ul=en-us&de=UTF-8&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAgEABAAAAACAEOC~&jid=282434437&gjid=831513522&cid=832803489.1707018790&tid=UA-97665797-1&_gid=1864739806.1707018790&_slc=1&gtm=45He41v0n81N2R2KQQv76535019za200&cd9=Associated%20Press&cd10=world-news&cd11=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&cd12=2011&cd13=05&cd14=24-05-2011&cd15=3992&cd16=english&cd17=blank&cd18=Moneygall%7CObama%20Irish%20ancestors%7CObama%20Moneygall%7CObama%20drinking%20guiness%7CObama%20in%20Ireland%7CObama%20visits%20his%20irish%20roots&cd19=4639%20days&cd20=blank&cd21=blank&cd22=story&cd23=www.ndtv.com&cd24=blank&cd25=blank&cd26=blank&cd27=blank&cd28=blank&cd29=blank&cd30=blank&cd31=blank&cd32=blank&cd33=desktop&cd34=blank&cd35=24&cd54=14&cd55=GTM-N2R2KQQ%20-%20352&cd60=456639&cd64=light&cd71=NA&cd72=GTM&cd73=article&cd74=&cd75=None&cd78=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd36=832803489.1707018790&z=432010369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97665797-1&cid=832803489.1707018790&jid=282434437&gjid=831513522&_gid=1864739806.1707018790&_u=aGjAgEABAAAAAGAEOC~&z=931248941
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 04 Feb 2024 03:53:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1010811/log/3/
0
357 B
Image
General
Full URL
https://trc.taboola.com/1010811/log/3/unip?en=page_view&gtmcb=143897704
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Sun, 04 Feb 2024 03:53:10 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
83300
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mxp6933-MXP
pragma
no-cache
server
nginx
x-timer
S1707018790.342491,VS0,VE88
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bq-publish
publish.vuukle.com/
27 B
321 B
XHR
General
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$f237cc-0b26-49d6-aa2c-e2b25349c502%22,%22hostname%22:%22e6741053-104a-43d2-8bd8-b2536529f5cd%22,%22pubdomain%22:%22ndtv.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22982176ea-5add-47a2-82ea-f0e7b9504234%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22Barack%20Obama%20of%20the%20Moneygall%20Obamas%22,%22article_id%22:%22https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639%22,%22hashed_article_url%22:%22ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22,%22isArticleBrandSafe%22:null}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e137cdc4fcb65309bb640762471f2c04adb08ff4a3da39b163f9e58b9d0d27
Security Headers
Name Value
X-Xss-Protection 1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentials
true
cf-ray
84fff70f7e494c6e-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
ndtv.com.json
cdn.vuukle.com/ads/
19 KB
1 KB
Fetch
General
Full URL
https://cdn.vuukle.com/ads/ndtv.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24497e2b078bb567c8d1fa423acec40bff7878bd1c3cd85db8be96a6c1877806

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 01 Feb 2024 15:21:57 GMT
server
cloudflare
etag
W/"65bbb715-4d13"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
84fff70fa9ab0e77-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/
436 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 12:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
53942
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 02 Feb 2025 12:54:08 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XQCGTLW8NV&gtm=45je41v0v873431283z876535019za200&_p=1707018789889&_gaz=1&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=832803489.1707018790&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1707018790&sct=1&seg=0&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&en=page_view&_fv=1&_ss=1&ep.Author=Associated%20Press&ep.Article_Category=world-news&ep.Article_Title=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&ep.Publication_Date=24-05-2011&epn.Article_Length=3992&ep.language_hit=english&ep.Article_tags=Moneygall%7CObama%20Irish%20ancestors%7CObama%20Moneygall%7CObama%20drinking%20guiness%7CObama%20in%20Ireland%7CObama%20visits%20his%20irish%20roots&ep.Article_age=4639%20days&ep.Referral=blank&ep.PageType=story&epn.Article_Para_Count=14&ep.Article_ID=456639&ep.mode=light&ep.Affiliate_Article=NA&ep.Content_Type=article&ep.Content_Source=None&ep.postedby=&ep.GTM_Id___Version=GTM-N2R2KQQ%20-%20352&ep.event_client_id=832803489.1707018790.&ep.publication_month=05&ep.publication_year=2011&ep.publication_day=24&ep.platform_hit=desktop&ep.ppid=&up.custom_client_id=832803489.1707018790.&tfd=2733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQCGTLW8NV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XQCGTLW8NV&cid=832803489.1707018790&gtm=45je41v0v873431283z876535019za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQCGTLW8NV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/
42 B
107 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XQCGTLW8NV&cid=832803489.1707018790&gtm=45je41v0v873431283z876535019za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0&z=334712095
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GetIabTopic
api.vuukle.com/api/v1/Articles/
53 B
409 B
XHR
General
Full URL
https://api.vuukle.com/api/v1/Articles/GetIabTopic?host=ndtv.com&articleId=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bdc6464fcb564f8a708f2d9ee2d1f428627873762d424098a64223798d4d86
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:11 GMT
via
1.1 varnish (Varnish/6.2)
content-encoding
br
cf-cache-status
DYNAMIC
age
0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
286331388
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentiails
true
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
84fff70fe9c10e77-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97665797-1&cid=832803489.1707018790&jid=282434437&_u=aGjAgEABAAAAAGAEOC~&z=184887066
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/
42 B
107 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97665797-1&cid=832803489.1707018790&jid=282434437&_u=aGjAgEABAAAAAGAEOC~&z=184887066
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
106213651
fundingchoicesmessages.google.com/i/
183 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/106213651?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d6d53a82e46e5a887aa594979ce0859f986818818d68b469bb38c61a729c13e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Z8ng9HITYt8w2VJlDDEp-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Z8ng9HITYt8w2VJlDDEp-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2PZlD9r2QQOLLy2jAkA1MFZqg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ow.pubmatic.com/cookie_sync/
120 B
262 B
XHR
General
Full URL
https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Sun, 04 Feb 2024 03:53:10 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
content-length
120
content-type
text/plain; charset=utf-8
auction
ow.pubmatic.com/pbs/openrtb2/
905 B
442 B
XHR
General
Full URL
https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1446484be26ea87c12d1fd4d2029381f173b23f615e403f2a89b1d3707ed7efd

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
354
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/
36 B
540 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=695976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32abc345f87e26ce85314431efcc35ed6918e82b5f0bf679abf38a0309b807f2

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTuMGVAZIA8NprlbLXI5ch14ljE8mpk1cV1Ip1GE5MbAtZPxSbUYunDvo8WWt1x1X8hRAV2jZjwRpibwsqlPW6DbVms3v37dQolb8YZ9Fdf4VT5AkYoSduqkgDJusY%2FbWnXluHYS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84fff710da51522a-MXP
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/
16 B
379 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 04 Feb 2024 03:53:10 GMT
AGSKWxXaRUndLzJ0U84vB_6sAlp9RslYK0zbxkkNp5v6D2cBzXJ56juH-99_lgxC7M5M4wcqnxv6isV54zEKzARtyLgV92eBjG-QeN8m9M8aidXcggSnASu4bQgoYS00wyXK1shOm-rSnA==
fundingchoicesmessages.google.com/f/
371 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXaRUndLzJ0U84vB_6sAlp9RslYK0zbxkkNp5v6D2cBzXJ56juH-99_lgxC7M5M4wcqnxv6isV54zEKzARtyLgV92eBjG-QeN8m9M8aidXcggSnASu4bQgoYS00wyXK1shOm-rSnA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDE4NzkwLDcyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubmR0di5jb20vd29ybGQtbmV3cy9iYXJhY2stb2JhbWEtb2YtdGhlLW1vbmV5Z2FsbC1vYmFtYXMtNDU2NjM5IixudWxsLFtbOCwiUlVyWkJqa0FPUmsiXSxbOSwiaXQiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMx0udIWWRhsD1N07IG6dNtEwGTfEw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e2dc279a82349adfa7977413dfec5c89282090ffad24e052b56fc12ece52d88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3_rDR7CNSmOTAbV-SXIHAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3_rDR7CNSmOTAbV-SXIHAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2PZlD9r2QQaXn3sZgYA1m1Ztg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame FE21
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
659
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84fff712adefbb1d-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Feb 2024 03:53:10 GMT
expires
Sun, 04 Feb 2024 07:53:10 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3E76
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 04 Feb 2024 03:53:10 GMT
ETag
"623de86a-cf34"
Expires
Mon, 05 Feb 2024 03:53:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 39F8
199 B
298 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 04 Feb 2024 03:53:10 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A5B
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50379
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 04 Feb 2024 03:53:10 GMT
expires
Sun, 04 Feb 2024 17:52:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5D04
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Feb 2024 03:53:10 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 8A5B
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39437325&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 03:53:10 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 5D04
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b40b1d59880e8ba51efec5a6fdc9d4824253d6e75114668a100367f96b46ce8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sun, 04 Feb 2024 03:53:10 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2024 01:48:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78914
Connection
keep-alive
Content-Length
10921
Expires
Mon, 05 Feb 2024 01:48:24 GMT
css
fonts.googleapis.com/
105 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzxh3EctGiKw_5-eJzFecngP4B1bg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Feb 2024 03:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 03:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Feb 2024 03:53:10 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:59:51 GMT
x-content-type-options
nosniff
age
377599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:59:51 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Origin
https://www.ndtv.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:59:33 GMT
x-content-type-options
nosniff
age
442417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 00:59:33 GMT
AGSKWxXJH4NqX2yStNgKKyThaVTd-SkqUtl9sVXffDh-IFJ8WC6ASLi0RTKrigASYDkFuOM6r0cHxgOH-CmiZKhCnxnm240uLSs9uoXNWVV96BNsmoFJsJIcZ6t8dj0gUcn-n8HjAOts0A==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXJH4NqX2yStNgKKyThaVTd-SkqUtl9sVXffDh-IFJ8WC6ASLi0RTKrigASYDkFuOM6r0cHxgOH-CmiZKhCnxnm240uLSs9uoXNWVV96BNsmoFJsJIcZ6t8dj0gUcn-n8HjAOts0A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMx0udIWWRhsD1N07IG6dNtEwGTfEw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fNzNsWx2kyx2tAHUwHwQwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-fNzNsWx2kyx2tAHUwHwQwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWFjuPKs0EAtxcyyf8mctm8CDNT9EAcowIm8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.ndtv.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 3E76
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
970 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:11 GMT
an-x-request-uuid
75a1fad1-ab4b-43c8-8cd9-b8f055ccdfd6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
192.145.127.219; 192.145.127.219; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:11 GMT
an-x-request-uuid
02e572a1-65cc-41b9-8a19-7c209f41e00b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
192.145.127.219; 192.145.127.219; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 5D04
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f2725c115d816cae2dce6044d9cf3fcf
Expires
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=457833730&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&ul=en-us&de=UTF-8&dt=Barack%20Obama%20of%20the%20Moneygall%20O%27bamas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblocker_desktop&ea=ad_blocked&el=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fbarack-obama-of-the-moneygall-obamas-456639&_u=aGjAgEABAAAAAGAEOC~&jid=&gjid=&cid=832803489.1707018790&tid=UA-97665797-1&_gid=1864739806.1707018790&gtm=45He41v0n81N2R2KQQv76535019za200&cd37=enabled&cd55=GTM-N2R2KQQ%20-%20352&cd72=GTM&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd36=832803489.1707018790&tcfd=10001&z=315726978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 19:02:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31835
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
02179915.akstat.io/
0
200 B
Ping
General
Full URL
https://02179915.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:12 GMT
content-type
image/gif
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sun, 04 Feb 2024 03:53:12 GMT
envelope
lexicon.33across.com/v1/
49 B
248 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001YrMoBAAV&gdpr=0&src=pbjs&ver=7.39.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:12 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/
135 B
413 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
b5c420f9e93f89ab4c95b63de6b6f6f0e959e4c3f3fa901be309a85fc2c4261c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Sun, 04 Feb 2024 03:53:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
43 B
315 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.240.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-240-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache
x-server
10.45.2.171
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/
63 B
420 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
1217cf2a2e9eeaa48abbe39407eae712e64783986fffe9ac500991903b109e02

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Feb 2024 03:53:12 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 05 Mar 2024 03:53:12 GMT
wl
t.pubmatic.com/
17 B
180 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=158451
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 03:53:12 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
v1
lb.eu-1-id5-sync.com/lb/
33 B
272 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b34fe6ffe75bde4b4de26bfb3ff079469332b7b99007856dab86d8888bd8c564
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Sun, 04 Feb 2024 03:53:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
715.json
id5-sync.com/g/v2/
251 B
529 B
XHR
General
Full URL
https://id5-sync.com/g/v2/715.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e4c1d1a1ac25faf7cfa97bedec15298e1c66cbc601eed0342e93a739151bac0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ndtv.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Sun, 04 Feb 2024 03:53:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| _rrCode function| setCookie function| getCookie function| generateString object| PWT object| googletag boolean| gptRan function| loadGpt function| initAdserver object| apstag string| utm_campaign string| isTaboolaBlocked object| disableTaboolaCountries string| __usrCntry object| dataLayer boolean| canRunAds string| __pushSite string| base_url string| ndtv_thumb_src string| ndtv_story_src string| ndtv_story_medium_src number| N string| ppids object| jsonString string| GoogleAnalyticsObject function| ga object| _comscore object| _sf_async_config string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| shareOpenHead function| shareOpen function| snapChatShare object| _taboola object| VUUKLE_CONFIG object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| __pagedesign function| deleteCookie function| redirect function| setCookieN function| getCookieN function| $ function| jQuery function| flashembed string| key object| stk function| StartHeader function| updateLog function| windowScroll function| updateDivSticky number| offset number| offset_opacity number| scroll_top_duration object| $back_to_top function| _rrCodeRun function| loadJSFile function| loadCSSFile function| redir_to_categ function| redir_to_election_state function| redir_to_election_constituencies function| redir_to_election_candidates function| onVideoEnd function| showPhase function| gup function| copypasteinit function| play_video function| show_comment function| hide_show function| story_pic_block_hide_show function| change_element_class function| locate_tab undefined| IMAGE_URL function| set_image_url function| tw_click function| JS_Mobile_Redirect function| swap_tabs function| hide_show_submenu function| vidshowhide_innerpagediv function| toggle_player function| displayCompanionBanners function| writeIntoCompanionDiv number| featuredCurrentId function| FeaturedNextPrev undefined| timeOut function| autoplay_ticker function| getFlashVersion function| hide_show_player_div function| ios_device_detection function| ShowNavigationLevel2 function| HideNavigationLevel2 function| trim function| textCounter function| email_article_validation function| multiEmailValidation function| validateEmail function| validateName function| clean_search_text_box function| highlightSearch function| submit_search_form function| submit_topic_form function| get_site_url function| remove_player function| video_do_not_miss_widget function| display_image_box function| hide_show_three function| change_element_class_three function| apps_swap_tabs function| apps_hide_show_submenu function| iphone_device_detection function| getval function| geVersion string| token function| checkPerms function| requestPermissions function| isFlashEnabled function| checkHTML5Video function| insertCustomSymbols function| lozad number| _rrCodeSt object| _rrCodeLoad function| findAndReplaceDOMText function| Swiper function| ajax_get function| gtmClickEventTracking object| BOOMR_mq object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _gat object| _gaq object| COMSCORE object| ns_p function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk function| addVuukleCookieConsentListener function| changeVuukleWidgetsTheme function| sendResponseGroupsToQuizzly number| VUUKLE_PLATFORM function| removeVuukleWidgets function| generateVuukleAds object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT string| partnerName object| vuukleAdConfiguration object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| _vuukleGeo number| BOOMR_configt object| _bmrEvents function| tvc_AdBlockEnabled function| tvc_getRatio function| tvc_datLayer_push object| tvc_social_link undefined| tvc_eventAction object| _cbm function| vuukleLoader object| vuuklehbChunk object| vuuklehb object| vuukleConsole object| vuukleSlots boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| slot_1 object| slot_2 object| slot_3 object| slot_6 object| slot_4 object| pbsLatency boolean| initAdserverFlag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGJkZmQyYzc0NTRkMzEwMGxvYWRlcl9qcw== string| NGJkZmQyYzc0NTRkMzEwMGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| _vuukleConfig function| __vuukleCb6913bcbb number| BOOMR_onload string| tvc_height string| tvc_width

30 Cookies

Domain/Path Name / Value
www.ndtv.com/world-news Name: __usrCntry
Value: IT
www.ndtv.com/world-news Name: PublisherProvidedIdsNew
Value: publisherprovidedids192529623ndtvids
paypal-aktualisierungsdienst.xyz/ Name: PHPSESSID
Value: h9bbiu96mur6tpaicmbfk6uu6i
paypal-aktualisierungsdienst.xyz/ Name: SESSION
Value: pK7bZmN3QM056rp2N2OvCOA0JhGTy2BSxZKGcqKtt0HZ3aG2
.bit.ly/ Name: _bit
Value: o143R8-1547674ac3dc396561-00J
.ndtv.com/ Name: _gid
Value: GA1.2.705752003.1707018790
.ndtv.com/ Name: _gat_site
Value: 1
.ndtv.com/ Name: _gat_story
Value: 1
.ndtv.com/ Name: _gat_ndtvnewssite
Value: 1
.ndtv.com/ Name: _cb
Value: xtcyWoZp2TBwA4KR
.ndtv.com/ Name: _chartbeat2
Value: .1707018790062.1707018790062.1.BhLEFkDX-oqgBvgKtMDzcNOoBDm5yX.1
.ndtv.com/ Name: _cb_svref
Value: external
.scorecardresearch.com/ Name: UID
Value: 104d4e32d2f2d53564d47b31707018790
www.ndtv.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ndtv.com/ Name: _sharedID
Value: 016f15c6-fd7d-4e6d-be14-d64ed3f88132
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ndtv.com/ Name: _ga_PWX0ZGZBS2
Value: GS1.2.1707018790.1.0.1707018790.0.0.0
.ndtv.com/ Name: _ga_2P3XKYJEE0
Value: GS1.2.1707018790.1.0.1707018790.0.0.0
.ndtv.com/ Name: _ga_DM9HXDHYVN
Value: GS1.2.1707018790.1.0.1707018790.0.0.0
.ndtv.com/ Name: tvc_universalCookie
Value: GA1.2.832803489.1707018790
.ndtv.com/ Name: tvc_universalCookie_gid
Value: GA1.2.1864739806.1707018790
.ndtv.com/ Name: _dc_gtm_UA-97665797-1
Value: 1
.ndtv.com/ Name: _ga_XQCGTLW8NV
Value: GS1.1.1707018790.1.0.1707018790.60.0.0
.ndtv.com/ Name: _ga
Value: GA1.1.832803489.1707018790
.adnxs.com/ Name: XANDR_PANID
Value: xOtM_1eGVxL45ZS8mZ62B0fwHe9CXzDbxg_RumGoTBGcrpRk2rVuU6Vry3vnycLtGZGlH_l0T3aqwqnbtiqx68xgei1L0uGSusxYszgfMUA.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3048422804727050188
.ndtv.com/ Name: tvc_adBlocker_check
Value: 1
.www.ndtv.com/ Name: RT
Value: "sl=1&ss=1707018787643&tt=4460&obo=0&bcn=%2F%2F02179915.akstat.io%2F&sh=1707018792106%3D1%3A0%3A4460&dm=www.ndtv.com&si=8be50166-a33b-4bb5-99b1-ee1e0d24001e&ld=1707018792106"
www.ndtv.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-02-04T03%3A53%3A12%22%7D

19 Console Messages

Source Level URL
Text
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.ndtv.com/world-news/barack-obama-of-the-moneygall-obamas-456639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179915.akstat.io
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
alerts.ndtv.com
api.vuukle.com
bit.ly
c.amazon-adsystem.com
c.go-mpulse.net
cdn.ndtv.com
cdn.vuukle.com
config.aps.amazon-adsystem.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
htlb.casalemedia.com
i.ndtvimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
ow.pubmatic.com
paypal-aktualisierungsdienst.xyz
ping.chartbeat.net
publish.vuukle.com
region1.analytics.google.com
region1.google-analytics.com
s.go-mpulse.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.chartbeat.com
stats.g.doubleclick.net
t.pubmatic.com
token.rubiconproject.com
trc.taboola.com
u.openx.net
ut.pubmatic.com
vuukle.com
wapi.ndtv.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.ndtv.com
104.18.36.155
104.18.38.76
108.138.32.75
108.138.36.117
141.95.33.120
141.95.98.65
142.250.184.226
15.197.193.217
18.173.191.32
18.235.227.186
18.245.60.76
184.30.16.183
184.30.16.195
185.64.189.116
185.64.189.226
185.64.190.78
185.64.190.82
185.89.210.244
2001:4860:4802:34::36
2600:9000:237d:200:18:1fcd:353:c61
2606:4700:10::6816:3da8
2606:4700:10::ac43:1695
2606:4700:3031::6815:29a1
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a02:26f0:1700:391::11a6
2a02:26f0:1700:782::24e8
2a02:26f0:3100:597::24e8
2a02:26f0:3500:88d::24e8
2a02:26f0:3500:88e::24e8
2a02:26f0:7100:594::11a6
2a04:4e42:400::300
2a04:4e42:400::714
35.244.159.8
35.244.193.51
54.77.240.162
67.199.248.11
69.173.144.139
95.101.149.233
95.101.149.35
02f0725327443355963db948f2741fffc703eec5dc7ec6dcfefd72fada1a78d4
04e835d76058e5b931b8308d423c80a750ee724f589d5278f54b436409e0ba11
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d6d53a82e46e5a887aa594979ce0859f986818818d68b469bb38c61a729c13e
1217cf2a2e9eeaa48abbe39407eae712e64783986fffe9ac500991903b109e02
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13d4afb5c29bd38d480fec23cc34acaeace989a0469ed21d266d55966e14d950
1446484be26ea87c12d1fd4d2029381f173b23f615e403f2a89b1d3707ed7efd
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b50f5b57f7fb73d2886582d86d91457c602304f00052be06eb6612273616ca9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
24497e2b078bb567c8d1fa423acec40bff7878bd1c3cd85db8be96a6c1877806
2557060cfea9d7b9acda662923f3a15d0f1b89d129c7ec3821fee97a6d4effb3
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
29b202782287f48ed7521f38eb037863fce228a4a47faf133fe206ab11de55b5
29bdc6464fcb564f8a708f2d9ee2d1f428627873762d424098a64223798d4d86
2a1fb70714cf9f0185ecedec111f80ff266fdf7a4e8feac77588e049aef32966
2a7e90a4b19d2e01f93f2fa38376ae2edb5494934a2ead9ac38fad062fd29db8
31045f3263a60475cf70a26be700eac776452dcd1ba71dea8772b845e93be9fe
32abc345f87e26ce85314431efcc35ed6918e82b5f0bf679abf38a0309b807f2
3565678f6bd5ac4fc92dd56f249d01ea70a6f2936b7369e7a0b31973a86ec7d0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4212716490d50160bdc1d5fad4da1470c6ac66aa0a02694b4d1c1556125ffc8f
4b40b1d59880e8ba51efec5a6fdc9d4824253d6e75114668a100367f96b46ce8
4ec474d4ac2290cc9c0d2b52b7684e81a787bfa7e6766891f00b567a0b7eda9e
4ece5b8e156c5ba5102189d1a6d52de6b434ebfc083b6a21a22f29165573af28
52df8dea65fa6b2b44e8a8cb4ccb3d75a859740ee798051791457bfe5dedd2e0
6439b6200c9fa283a62a4a2acac93ed84a074d25a6b9fb5263e4e1b305479e70
64d5eea111433d271a14ae900a43e4ec16df854d531085ec59ae7ce692aedc7f
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6f95d903e3857bdf6992f27b8e2e955df1abc0717e3471c99400408e8fca3261
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81187c68b59723085a138cbd33d1ba3215bfe06d01907a6ece5218b6cbbdd33a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c59056678912641d9929fea79a132b58398fe84cfbbb5fd63e892db355bde7
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
88e4e0644a8cc0fcbfa80087d7b4b01ed78b002161c806a48b82cbcc0ba8990e
8c0f8736a6e2c6764cef201cfb4c0bfc9124d573e7325d6e1b42f304222d14ab
8ca5db60d70a8a30f48d83f016cee4a0ef929c4ed1205231766b01c6d6950f2a
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9159897253ee53b42132ea1ca8e0fd4362eb07806ee0d63489838bffd403006e
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9e2dc279a82349adfa7977413dfec5c89282090ffad24e052b56fc12ece52d88
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
af6e30d382e04449d8017703dc06364468f567b4a059bde07ea05b200b3b2f50
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b31307b4f33e47ec3e494cf7625caad2e5040e1131e12cdf0823318840778631
b34fe6ffe75bde4b4de26bfb3ff079469332b7b99007856dab86d8888bd8c564
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b5c420f9e93f89ab4c95b63de6b6f6f0e959e4c3f3fa901be309a85fc2c4261c
b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67
bbbc1d6d55e90d54956dd8aa41d8edfb36f72f11125b04cdba0efad8fd875ce7
cca27de9b49927f4f88540f690be49d9700ea7d3dbc1b5200d81e440f4f5c000
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e137cdc4fcb65309bb640762471f2c04adb08ff4a3da39b163f9e58b9d0d27
d386bb14806fffe9984adc41f531784717b496bba05ff75a5c801584bd6e53b9
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c1d1a1ac25faf7cfa97bedec15298e1c66cbc601eed0342e93a739151bac0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef500c2cedea8edd67fe512ba6f09259dcb8b8d6fd8d0f508c2d18d189ff1f47
f3c687666850217c5a5477ac42cda73888e783ba56a49e56fe1321418f713e3f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f744c8c70e50816f54611b8d0e2af16dce75a821d90c5845cf7fa5cd8085d3f4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb063049df67e3bc7be6d5d272f740e2b7e6bd86779545c9f8ea5c78b04b6c44