Submitted URL: http://sub4.mafinet.store/
Effective URL: https://sub4.mafinet.store/
Submission: On May 27 via api from NL — Scanned from NL

Summary

This website contacted 125 IPs in 15 countries across 101 domains to perform 527 HTTP transactions. The main IP is 109.172.94.114, located in the United States, and belongs to AEZA-AS AEZA INTERNATIONAL LTD, GB. The main domain is sub4.mafinet.store.
TLS certificate: Issued by E5 on May 19th 2025. Valid for: 3 months.
This is the only time sub4.mafinet.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 62 frames:

Primary Page: https://sub4.mafinet.store/
Frame ID: DA185C4F4EE915041667DCAC1DC898E0
Requests: 331 HTTP requests in this frame

Frame: https://static.clmbtech.com/ctn/10750/images/43/21c0a8ed39794f1f9fbc28b789a9ce90_1712686089398_0.webp
Frame ID: 871FC6687600DE148B4F5A910C217036
Requests: 1 HTTP request in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: FCF090D8AF5F608C66689D5E0552273B
Requests: 1 HTTP request in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 60814ED6A9DEFA3D3B92C00A3BF17D0D
Requests: 1 HTTP request in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: 90CFFABBB8323D2A07ECF729CBEB0AA9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: D03CBF8B33EE4E7767B22718F26AFDD9
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: CA16DD019C5B7B5B73A0680A1B73FC08
Requests: 10 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=f6b454d7-b524-4e02-b908-e5de67fc002c-tuctf2f0ac6
Frame ID: 7127CBA394632092AEAF7778B17881E6
Requests: 2 HTTP requests in this frame

Frame: https://1eded9e14ce9ab5d9e8959151fc7e8be.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 25677BD99F7A2B493C9517359DE492FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuomnDBO82w6qpODemOd-k01xd_GcWkb3vXap8U02TSJhrwx72p79WdaA7h4JBaa9EXI_MrqEuDjZQLDkkEh-m8LhAQZr5-zj7kRYL0vAT5ehdwWJ0_5huP8ZcTuowMlnxrPPGjXQ67WmmIY6oGeSE5aqXhVZm5wBH7Qb0zcEIKEt8w809F4Kh0wVQMurQNdZrplOkiXh-PUDkRbIO2wWCqhtsI74oyT8DZxqxnGYEPhJhwjjbuuZrWCVxT3QPi0LW8R6p7iFb8IpfQ4ZXmHkMgdViznoHX_Oko4a_yWEXoHSWnO4n9eIQLcX8E9SyLCM_9_XcvfXog9JCpY5vUf52rvYnkgR435KAXWndUlrn-sbp03G3CUUryykLkADtS6vte11TR7STbV_y2SqMMEZPX7S-yylddp3TkElQO3tbc_d56xOfUgjyqp2y1zdfL1_zqOIPbnXRyBzpyW-LTOgkwMUWyxfbHIDzmO8mXWrS9M7uylzRnj3-ABVTeeZIg5w&sig=Cg0ArKJSzA2l2zVGm9uREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 99F90D081D994AE8418E9C12E4CAB13A
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu3l1CZpdWP5w3ApO4tsz4tB8Zg5gqxrDEP17qlNKzM_0oWG801K50jLxOrCQx4urCeflrFZdqmowLSm1X0AHe5LdsTIQp7mTo4JMsIadx_7goD9DY7IM6dZC1IwXiPncVlnLKZDKiBXyoBlUgu5hh9taED0HU3QWhV21O139-TIFhQwDXR644dnnRT-KAzQABqIVltaJCwmSyInjRxkfrZpkByMJkKF2iW5YQOtUEfgkIltgMBriGygdMA3hw2oNbw-8E97AP5Jv7MbrraKLhzFMymcxeX6g4riEx2FARSVhtYYpksv4joNuFJX99Sl4J1OOyGEtNIauHFTkEsolVrXW0FkBgSUQH37mEEHGj814rRhemzUTjvxXBW81-D9lsDKEojKdubFQz8V7khFv4eVmHyJZ5_phtPng6vhBixebkHqTfV8mtBoLM4etMxr4qezslUDwheSvPbRmyCE9HcaUO6MigryV8vN6Ss8Zk_SQRXOD5MMIuk_jC5Zw&sig=Cg0ArKJSzFI_uFUOqfPQEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4495950EE35AA78C1C95508B84946E68
Requests: 15 HTTP requests in this frame

Frame: https://ab1034c41a49019d8f63fd87332c878d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Frame ID: CD1D9307F10572D4551E06D3D2C2BE9F
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 1BD78E74C449EF9F9228F4789D4139BC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 62B6D13C60575994E9B349920998BC45
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F206224E1B1FF393A8F2A6A24B7CB1CA
Requests: 1 HTTP requests in this frame

Frame: https://timesinternet-d.openx.net/w/1.0/pd
Frame ID: 2AB94359287133FEDD4DFD6562905D6D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 00D4AAD94D640D2BCFE7F2E25A15EF8A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=sub4.mafinet.store&gpp=
Frame ID: 3F8DCA48B98FD07B54FC44B8A60D0E9B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Frame ID: 12D8A1BF5BDD16A8564994AFAABB8451
Requests: 18 HTTP requests in this frame

Frame: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Frame ID: 4BB6171A9BC57E2B393CB49F62916807
Requests: 30 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4AC141ADDC8997882F7A57A67E3F6DA8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/scripts/prebid_iframe_sync.html
Frame ID: 06025EAE776897EB25BABAB5E86D6F76
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DB1158FCEBD2184C9E10EF015A3807BD
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&gdpr=0&gdpr_consent=
Frame ID: E5EB0FC0F13E9A0B035DAA4DD6B1FF9A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1801426616012069664
Frame ID: A11D3D217FAEB8B9411E93CCD0FBFF1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: A915E0A9D58FFEEBA9E8A56B68D0FF01
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 73651169177286611922D605E5A9A7F5
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: F6A604BD88C18F46D3522ED8A12A544E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9A40F79AEF11B5DC5B9E6E6C7357200B
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: A46B06E80CDCB7834755B907D08AFA37
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=criteo&custom_data=V17DmV9qY1QyY3REQVFuYjZuRngxenQlMkZ2OGlZZ0JVcDglMkZYOXFacjFMZzdZYXdSR2lxNWlWS015Qno0amZsQUViZGNGMVZyTmlOcmpYTjF6bkRSQ3NFa2JhSWJabE4wZDBob2dTYzklMkZ5TG8zSTJqeiUyRnJLa2o5N3dXTEdXVlhEeGtoSm5VbU5pJTJCalJsRWU5ZXRpazdtJTJCeVhNaDJha3p1WjFVTnhQcWVMZyUyRlNWZjJad29JS0xaa0xtUDdVQnNLcFFCYzNURQ&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA
Frame ID: 88B06A4206972F1678228FAC3C57971E
Requests: 1 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?sp_id=148&gdpr=0&gdpr_consent=
Frame ID: DF98847BE3B3990D6917414193519D5A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adaptmx/?gdpr=0
Frame ID: B37B98C088A2108456CB14F7195B013F
Requests: 1 HTTP requests in this frame

Frame: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Frame ID: 76257E1187F3B57AB16D8EA4A7B308D8
Requests: 1 HTTP requests in this frame

Frame: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Frame ID: 9389C26010ADC831C8EB8CA07D94C441
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/admatic/3f72cd1d-3569-493c-a374-566b4381d12b
Frame ID: 6E4BCFB0CCACE8E7F3ADDFCDE8CD9963
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Frame ID: 182E88B9785F442BA018183B9D3904C7
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
Frame ID: CFCFF890C466B5165BFE36DD44A946D8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Frame ID: B147A4C9C9CB631F19492846B39B9085
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
Frame ID: 258167FC1BC67EDE16CF6F4ABDFE99F8
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
Frame ID: 69A111DADE6233350AA9FD8B18F13FFE
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
Frame ID: 5517A87B06445E76EF19E82BAACA4ECE
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Frame ID: EAAB110D8A13090DD5DBF46CD31E0F79
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Frame ID: 3756891333DCC7585D36A9A9D4EE95B7
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
Frame ID: 694297EB4D1C750E1DDDAAA008D4C2B3
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID?gdpr=0&gdpr_consent=
Frame ID: 0C00EBFB43949DDBF7733C293C4908E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159035&gdpr=&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3DID5-SEA-76%26dspUserId%3D(PM_UID)
Frame ID: 65D64B20013C00063CCAC9E96F9D77E0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=inmobi&endpoint=us-east
Frame ID: 46BDCB2E29BC9B92C257A815A7A43686
Requests: 3 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 3C1449A94AD4138453C18CBDB04820E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: F7E35258AEF1BEF394EBADE574EB3ABB
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
Frame ID: CD2D2FFF5F1DDE10F81DCD5AB719C749
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1748337992279
Frame ID: CB2540B5F3D1F4BAA75B8C02F5380003
Requests: 1 HTTP requests in this frame

Frame: https://csync.copper6.com/iframe?pbjs=1&coppa=0
Frame ID: B9E996DA4E4E3EFCB09383DD5E5EFD5F
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: F066ED4B071E116DB56EBAB34E318C3D
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 81BBA4B40302CC17F089A9BDA192EAE3
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=4&user_id=06c529f1-5625-486a-93b6-38159384a17c&ssp=pubmatic&expires=30&user_group=5&bsw_param=71ab40f6-fd65-4642-8fe9-686192ce3a88
Frame ID: 8A99912EB2263C5E415DB05ED76AD879
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7509054519523473776&gdpr=0&gdpr_consent=
Frame ID: 63C7A4D8F8279E49555E315728F71C3A
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 194C5F18F073A81086CDB34EAECDF60F
Requests: 3 HTTP requests in this frame

Frame: https://dsp.360yield.com/dsp_match/275?ssp=76&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM3MzUmdGw9MTI5NjAw%26piggybackCookie%3D%7BDSP_USER_ID%7D
Frame ID: 56E90EC1CF18DB4A1BE937594F110E8D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU80610b2a768f4e86a710d02b4eef2675
Frame ID: D326758B59D70F35C8DE21EB9628533E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sub4.mafinet.store
Frame ID: FE64081D5D2A86A52B3BBCBDF8A6A63F
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 63ED7FAC78A362F3466BEDF5C5A3CF86
Requests: 3 HTTP requests in this frame

Page Title

News - Breaking News, Latest News, India News, World News, Bollywood, Sports, Business and Political News | Times of India

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 527
  • HTTPS: 91 %
  • IPv6: 24 %
  • Domains: 101
  • Subdomains: 165
  • IPs: 125
  • Countries: 15
  • Transfer: 4032 kB
  • Size: 14824 kB
  • Cookies: 90

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sub4.mafinet.store/ HTTP 307
    https://sub4.mafinet.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 114
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 117
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4eb5c132d295449fabcfed9d52b5bab0&expiration=1750929989
Request Chain 118
  • https://s.c.appier.net/index?userId=aDWFRVVbLV8ADimOAtreVwAA%265181&gdpr=&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=GDuFlnlkCPuMKW1oRoU1aA&gdpr=1
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
Request Chain 120
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1801426616012069664&expiration=1749547590
Request Chain 126
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=f6b454d7-b524-4e02-b908-e5de67fc002c-tuctf2f0ac6
Request Chain 295
  • https://sync.inmobi.com/prebidjs HTTP 302
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry= HTTP 302
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Request Chain 305
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&__qcmcs=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FxedNhkammIMTpc2ERmDNxgdzGcMGpgxFUxfYsAq
Request Chain 306
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
Request Chain 307
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aDWFRVVbLV8ADimOAtreVwAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aDWFRVVbLV8ADimOAtreVwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662135072175972
Request Chain 323
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=sub4.mafinet.store&sn=ChromeSyncframe&so=0&topUrl=sub4.mafinet.store&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6tCXn3xWTkpZcDNQYUtSanZPM0x2Y0ZXL1pUeHZNM0UyVGU3ZlRBWitWUTE1SnZPakhyc2xEYUNwZG12ekE3VFJaZk5wblVCb090R3FYdk11SExuTXd1aE16N2JPL3Vxb0dFRmRQM3JObkRCWmdtb1dpOUEyWExSV01xYnlhVTI3Y3ljTDNTMnlIR3VDOEVyQXdkamcwVHZ3SE1wQnFNNlprVzRVUXJpM3BSSHBtTUoxeVUrUEFxNllkTUdYbUdrSm43bWMwQzNFazM2R2tLQkd0aVpqcjZKNTZ0OWtMZ1RQamhyQ01Pbi9tQktiRTdOczJZcHJnRzI5M1hCTVhGK0FSTGdWYldYdGF3WU5MQVhzVWlnYnU4VjZoY3lDUUpTbFRPWmx2VUQzbkQwck5kQWxFckxsQ1ZSdWZHZjczM1lPL0hnWHw&cppv=2
Request Chain 325
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1801426616012069664
Request Chain 326
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 329
  • https://pixel.onaudience.com/?partner=214&mapped=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
Request Chain 330
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJFNjgyQkQtODBEQS00M0NFLThGODUtN0JGNDE1QzVDMDFF&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJFNjgyQkQtODBEQS00M0NFLThGODUtN0JGNDE1QzVDMDFF&gdpr=0&gdpr_consent=&google_cm=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDkIJET6lEt0CPS6wPhUGjE&google_cver=1
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W-aCvYDaQ86PhXv0FcXAHg%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W-aCvYDaQ86PhXv0FcXAHg%3D%3D&gdpr=0&gdpr_consent=&google_cm=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELIZc-e2dBkMvRIu9P49y6I&google_cver=1
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtpLUBL3G1UtaT-qMrRuj8&google_cver=1
Request Chain 346
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dLZs1xF9DTDZHdnRGNEN2ZzRMcG9VWGpxeUVoNTQlMkZMZE8wOUczRWZIMFAlMkIlMkJJbVo0JTNE%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=LZs1xF9DTDZHdnRGNEN2ZzRMcG9VWGpxeUVoNTQlMkZMZE8wOUczRWZIMFAlMkIlMkJJbVo0JTNE&u=CAESEDEXO9pJfEXL5_WjkU8CjcM&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 350
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2383888786883828126
Request Chain 357
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=342 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=V17DmV9qY1QyY3REQVFuYjZuRngxenQlMkZ2OGlZZ0JVcDglMkZYOXFacjFMZzdZYXdSR2lxNWlWS015Qno0amZsQUViZGNGMVZyTmlOcmpYTjF6bkRSQ3NFa2JhSWJabE4wZDBob2dTYzklMkZ5TG8zSTJqeiUyRnJLa2o5N3dXTEdXVlhEeGtoSm5VbU5pJTJCalJsRWU5ZXRpazdtJTJCeVhNaDJha3p1WjFVTnhQcWVMZyUyRlNWZjJad29JS0xaa0xtUDdVQnNLcFFCYzNURQ&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA
Request Chain 359
  • https://sync.a-mo.net/cchain?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadaptmx%2F%24UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adaptmx/?gdpr=0
Request Chain 365
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Request Chain 366
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
Request Chain 368
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.admatic.de/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
Request Chain 369
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D16df66f1-def8-472d-89ab-b0106fd8850f HTTP 302
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
Request Chain 370
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.admatic.de/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
Request Chain 371
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Request Chain 373
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
Request Chain 384
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3535&partner_device_id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&partner_url=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D877%26dspUserId%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3535&partner_device_id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&partner_url=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D877%26dspUserId%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=877&dspUserId=f1ef5630-6af7-468d-a76e-c7474870ad61
Request Chain 388
  • https://t.adx.opera.com/pub/sync?pubid=pub6871903319744&gdpr=&consent=&us_privacy= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=38c0037af9b05c4f&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub6871903319744 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub6871903319744 HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=1135&dspUserId=OPU80610b2a768f4e86a710d02b4eef2675
Request Chain 389
  • https://cs.admanmedia.com/e03deca3316b700a1ce99c41e324fd03.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D149%26dspUserId%3D%5BUID%5D&gdpr=&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=149&dspUserId=0cd10797-5c6c-4e2f-9e0e-84b82957517b
Request Chain 391
  • https://sync.1rx.io/usersync2/inmobi&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/inmobi?zcc=1&cb=1748337995238 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-90019724-60a9-410d-a78f-78362d62aeec-003&rndcb=1961526472 HTTP 302
  • https://sync.1rx.io/usersync/turn/2383888786883828126?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-90019724-60a9-410d-a78f-78362d62aeec-003?redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D23%26dspUserId%3DRX-90019724-60a9-410d-a78f-78362d62aeec-003 HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=23&dspUserId=RX-90019724-60a9-410d-a78f-78362d62aeec-003
Request Chain 392
  • https://csync.loopme.me/?pubid=9724&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D109%26dspUserId%3D%7Bviewer_token%7D HTTP 307
  • https://sync.inmobi.com/setuid?bidderID=109&dspUserId=039a9d20-ea95-4a5e-9e19-9a581f5a27c4&gdpr_consent=null&gdpr=null
Request Chain 395
  • https://sync.srv.stackadapt.com/sync?nid=138&gdpr=&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=238&dspUserId=zqCThSLLW2hhc3sYJKLtzblBhpo
Request Chain 396
  • https://sync.clearnview.com/redirect?gdpr=&gdpr_consent=&usp_consent=&pubid=17&pubuid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D869%26dspUserId%3D%24UID HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=869&dspUserId=cb3c4368-ec66-5272-aaff-d7da37a168dd
Request Chain 399
  • https://cs.playdigo.com/dd3f91b3168664e47ebd1aec9512abd4.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D1302%26dspUserId%3D%5BUID%5D&gdpr=&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=1302&dspUserId=3b0bce33-4fa2-4e4b-a59e-a2c9ba2b7655
Request Chain 400
  • https://creativecdn.com/cm-notify?pi=inmobi&gdpr=&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=inmobi&gdpr=&gdpr_consent=&tc=1 HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=16&dspUserId=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=inmobi&gdpr=&gdpr_consent=&tc=1
Request Chain 401
  • https://tracker-shr.ortb.net/sync?id=1&uid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=276&dspUserId=b3f426e6-7ae7-e815-890e-3be35bd48b61
Request Chain 421
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-FCN624MN68&gtm=45je55l1v883796539z8896110376za200zb896110376&_p=1748337988834&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=425418463.1748337989&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAQ&_s=2&sid=1748337989&sct=1&seg=1&dl=https%3A%2F%2Fsub4.mafinet.store%2F&dt=News%20-%20Breaking%20News%2C%20Latest%20News%2C%20India%20News%2C%20World%20News%2C%20Bollywood%2C%20Sports%2C%20Business%20and%20Political%20News%20%7C%20Times%20of%20India&en=page_view&_c=1&ep.useAmpClientId=true&ep.agency=N%2FA&ep.authors=N%2FA&ep.browsing_client=web&ep.browsing_platform=web&ep.business_property=toi&ep.days_since_created=N%2FA&ep.keywords=News%2C%20Breaking%20news%2C%20Latest%20news%2C%20World%20News%2C%20US%20News%2C%20Live%20news%2C%20Today%20news%2C%20News%20Today%2C%20India%20news%2C%20English%20news%2C%20Politics%20news%2C%20Top%20news%20in%20India&ep.msid=N%2FA&ep.page_stack=react&ep.page_template=home&ep.pagination=N%2FA&ep.perpetual=false&ep.prime_content=false&ep.published_date=N%2FA&ep.section=N%2FA&ep.subsection=N%2FA&ep.page_version=N%2FA&ep.content_type=N%2FA&ep.subsection2=N%2FA&ep.category_tag=n%2Fa&ep.network=4g&epn.network_speed=10&_et=6785&upn.prime_user=-1&up.subscription_source=N%2FA&up.plan_name=N%2FA&up.login_status=false&up.user_grx_id=N%2FA&tfd=7873 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=425418463.1748337989&dbk=9024091223786955465&dma=1&dma_cps=syphamo&en=page_view&gtm=45je55l1v883796539z8896110376za200zb896110376&npa=1&tid=G-FCN624MN68&dl=https%3A%2F%2Fsub4.mafinet.store%3F
Request Chain 501
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Request Chain 503
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=71ab40f6-fd65-4642-8fe9-686192ce3a88&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=71ab40f6-fd65-4642-8fe9-686192ce3a88&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=06c529f1-5625-486a-93b6-38159384a17c&ssp=pubmatic&expires=30&user_group=5&bsw_param=71ab40f6-fd65-4642-8fe9-686192ce3a88
Request Chain 504
  • https://dsp-cookie.adfarm1.adition.com/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7509054519523473776&gdpr=0&gdpr_consent=
Request Chain 507
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=b4473ae54889bfc3&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU80610b2a768f4e86a710d02b4eef2675
Request Chain 521
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mafinet.store&sn=ChromeSyncframe&so=3&topUrl=sub4.mafinet.store&bundle=uA5uOF9DOVFkdXhaYVhpTzA0S2Z6cmkzcUkyOGd1M0xNajdjZjRCMXI2OEliQTM3bnkySXZiRnUlMkZiZHNlakt1TGg3YURrWkQlMkZWeGNYZiUyRmZvRWJGSHBOWCUyRlY0c0xuUDJHY1RJalFKcUNpMEd5bjhaSGglMkJPNTdybzhzcE45Q2w2Um4lMkJxOUpaR0hBZzh4ZCUyRlJqbFBJRm1MQmp6ZyUzRCUzRA&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=749m9HxhU3VjYitGei9JNzdHYkx1RVlEN2ZzUmNyZVJIZUI0TldJeEMrQ2tGL1o3LzZZd09XWWQxUVczV1VCK0M3QTBEaEhkNFUvQkd3NzhBN3lwUmpiamFvRVRxeFlsZ1Rac2ZjWjN6Z3VVWU9pMlNwNFZhYlFrYjArakdkemN5SlJ2MUpJaGJOUS8zeUFZbVJ4M2gycXZ2NXZMRVlrQUdjZlN6ay9DK3ZxRFFiOWNnbHd2Y2JRQ3JxRHppOFlmNzJkRFhtVTZEMTB5Nm51ZzdKVzhSR3I1NWpFQldxeDlTSmFZcjB2dlE3ZU9RSTJ0MWxqMzJBSnRsQkNVaHF1WlZrZnJyNUREMkZPRU1Gbm1sT1IwWEpGaVg2Mmd5VXBxSjU1T1g0UDNDckJmM1R1TXB4emFqQ0dFYzNYZ2liMlllUGwwN3w&cppv=2

527 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
sub4.mafinet.store/
Redirect Chain
  • http://sub4.mafinet.store/
  • https://sub4.mafinet.store/
1 MB
197 KB
Document
General
Full URL
https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.172.94.114 , United States, ASN210644 (AEZA-AS AEZA INTERNATIONAL LTD, GB),
Reverse DNS
telling-page.aeza.network
Software
nginx/1.26.2 /
Resource Hash
5849b3e281eb04d8f4be2c63805e800f35a918979e342e02033e642db2980eb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET,POST
access-control-max-age
86400
akamai-timesinternet-grn
0.32d53e17.1748337988.2c8fbfee
alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-length
200668
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
content-type
text/html; charset=utf-8
date
Tue, 27 May 2025 09:26:28 GMT
etag
"d1202df064a74574103d17738210cf96"
expires
Tue, 27 May 2025 09:26:28 GMT
last-modified
Tue, 27 May 2025 09:24:03 GMT
pragma
no-cache
server
nginx/1.26.2
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-amz-request-id
tx000008a18c4fd17f8c153-00683584d2-ca21ff32-default
x-content-header
gzip
x-content-length
216026
x-frame-options
SAMEORIGIN
x-rgw-object-type
Normal

Redirect headers

Location
https://sub4.mafinet.store/
Non-Authoritative-Reason
HttpsUpgrades
toi_prebid.js
assets.toiimg.com/js/
450 KB
153 KB
Script
General
Full URL
https://assets.toiimg.com/js/toi_prebid.js?v=21
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40509c377d465cc78a2ca9c323bd084bff670269be01a0f3e621c9473989cb61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"33a85942bfcf6b6cd853c3282281dc07"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:28 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:28 GMT
last-modified
Tue, 20 May 2025 09:32:56 GMT
vary
Accept-Encoding
content-type
text/javascript
x-amz-id-2
Z5O9xBUutNu/eW5c9yB59G2S0InhAfTXHXUV/RdDhxXpl8S4ULdd3nsW8J57jHIKWLI30yv2dJw=
access-control-allow-headers
*
cache-control
public, max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
P00H1S8CYCA0QACG
accept-ranges
bytes
access-control-allow-origin
*
server
AmazonS3
x-amz-server-side-encryption
AES256
apstag.js
c.amazon-adsystem.com/aax2/
380 KB
92 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f1a19af73144c20b37591eb77a35b5528efcd2972c95975b2d9da7153a9ec12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"b5620855d04635cc3575b1d901d5dfda"
age
2872
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
i2kFDJo2c5eOXR0KpmKs1Y_Al6WyGz3K4ioiiUPEcz7NhcFc_O6UZA==
date
Tue, 27 May 2025 08:38:36 GMT
content-type
application/javascript
last-modified
Wed, 21 May 2025 18:19:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
gpt.js
securepubads.g.doubleclick.net/tag/js/
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=23037861279
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2b051c0ea356c7def2dc7e6a2d352d10adaead4a046080fe3546bf07dc0ebd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
171 / 20235 / m202505200101 / config-hash: 1295865988360337441
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:26:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:26:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33917
x-xss-protection
0
server
cafe
minify-1.cms
timesofindia.indiatimes.com/toiads_prebid/
58 KB
18 KB
Script
General
Full URL
https://timesofindia.indiatimes.com/toiads_prebid/minify-1.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
541382d8e71b364cc55566c67848cf81d8703c945bae86dbc7397b75bc0c2d86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"068fbc52cddd3b4e369142c955bf773b3"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Tue, 27 May 2025 10:14:47 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:28 GMT
last-modified
Tue, 27 May 2025 08:45:40 GMT
content-type
application/javascript;charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=2899
x-cool
11.61
access-control-allow-credentials
false
akamai-timesinternet-grn
0.d3b61302.1748337988.fc46fa9
content-length
17245
content-language
en-US
server
Bhoot
79638690.cms
static.toiimg.com/photo/
5 KB
6 KB
Image
General
Full URL
https://static.toiimg.com/photo/79638690.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2356774a20ec6e8100a318107667fbe2bb7470fafebae82b58b275575461036c
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
cache-control
max-age=19259893
etag
7064
x-content-type-options
nosniff, nosniff
appgn
17224806801231627654207023
expires
Mon, 05 Jan 2026 07:24:41 GMT
content-length
5386
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
nginx
121428378.jpg
static.toiimg.com/thumb/imgsize-771344,msid-121428378,width-600,resizemode-4/
9 KB
10 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-771344,msid-121428378,width-600,resizemode-4/121428378.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
0df68359dfdb3d17c0bd6adc3ac79acb2a34ab6b6cbcba4f09f882afda336f38
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31542541
etag
771344
x-content-type-options
nosniff, nosniff
appgn
172247715401231748321833961
expires
Wed, 27 May 2026 11:15:29 GMT
imagemagick_im4java
1
content-length
9416
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
83033472.cms
static.toiimg.com/photo/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/83033472.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
d842daac94fa49d4342029b3ea8e6d93db9f1bdf30cd14a8073316caaa6bb83e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
2507
appgn
17229387701231707925420980
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 06:09:46 GMT
alt-svc
h3=":443"; ma=93600
imagemagick_im4java
1
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-disposition
inline; filename=83033472.svg
x-frame-options
sameorigin, sameorigin
cache-control
public, must-revalidate, max-age=30400998
content-length
1261
x-xss-protection
1; mode=block, 1; mode=block
server
Bhoot
121424368.jpg
static.toiimg.com/thumb/imgsize-474034,msid-121424368,width-600,resizemode-4,quality-80/
199 KB
200 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-474034,msid-121424368,width-600,resizemode-4,quality-80/121424368.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
7cdeecf4e3115793d1d9f493779b19d06bfbae687c55601decd2181e25493189
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31525916
etag
474034
x-content-type-options
nosniff, nosniff
appgn
172247715501231748305809843
expires
Wed, 27 May 2026 06:38:24 GMT
imagemagick_im4java
1
content-length
203890
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
118390705.cms
static.toiimg.com/photo/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/118390705.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
9786943ddc84466af4205fb2708cf479ef95ac07e4b1c382ad281223edd5c059
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
5470
appgn
17224409401231739971822662
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
1730
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
115774030.cms
static.toiimg.com/photo/
2 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/photo/115774030.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
1e42ba6005740f8d19979791345629f5322189ab0ca930b047a6c553a5974533
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
6463
appgn
17229386701231732801417966
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
2552
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
113448671.cms
static.toiimg.com/photo/
1 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/113448671.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
cfb1f77fab77066608b53a7a55c1e7f1dbb81d1c6e81eddeb07c6edf5fde38bd
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
3383
appgn
17229386501231726811663040
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
1480
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
113254487.cms
static.toiimg.com/photo/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/photo/113254487.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
dfa70aa83c3d2d2e57a47972c75f9f6165c86b2e3960976591be392fca0f4522
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
7747
appgn
17224409401231726568007713
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
2946
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
113254446.cms
static.toiimg.com/photo/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/113254446.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
43903e7e2088cb83370d8c9eed4ceaf63b763d6b86368d41a5f5df67b73a169a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
5572
appgn
17224404101231726568007863
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
2110
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
119301593.cms
static.toiimg.com/photo/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/119301593.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
3e857790e641670ef40a4bd535e1449f438b41949a0857b6ec6da6530a8af99f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30373224
etag
5581
appgn
17229389101231742556675686
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
content-length
2198
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
111571920.cms
static.toiimg.com/photo/
157 KB
54 KB
Image
General
Full URL
https://static.toiimg.com/photo/111571920.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
6942cc4c91b54dcc17eed00c89150be2d91d8daaa007a73db0f362abab8a4aa5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30372949
content-encoding
gzip
x-content-type-options
nosniff, nosniff
appgn
17224409201231721984129112
expires
Wed, 13 May 2026 22:22:17 GMT
imagemagick_im4java
1
content-length
55401
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=111571920.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
69822060.cms
static.toiimg.com/photo/
16 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/photo/69822060.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
a1ed28bd4b6fea174196ef72bcb6af497089c67890f80450909bfc8ce6935b94
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30373381
content-encoding
gzip
etag
16070
appgn
17229384101231707925474064
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:29:29 GMT
imagemagick_im4java
1
content-length
3723
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=69822060.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
112033967.cms
static.toiimg.com/photo/
129 KB
44 KB
Image
General
Full URL
https://static.toiimg.com/photo/112033967.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
f62714afcf6acd99859fb4dbd3afe343fa74f965653acb358a243c971f371895
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30372753
content-encoding
gzip
etag
132450
appgn
17224409401231721977340900
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:19:01 GMT
imagemagick_im4java
1
content-length
44161
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=112033967.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
110075962.cms
static.toiimg.com/photo/
2 KB
1 KB
Image
General
Full URL
https://static.toiimg.com/photo/110075962.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
97bf39bfe62d0f6fec020503cb2812c212c44a188a4109627937a96da7adfc93
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30368181
content-encoding
gzip
x-content-type-options
nosniff, nosniff
appgn
17224409701231716180527785
expires
Wed, 13 May 2026 21:02:49 GMT
imagemagick_im4java
1
content-length
793
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=110075962.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
109614063.cms
static.toiimg.com/photo/
6 KB
6 KB
Image
General
Full URL
https://static.toiimg.com/photo/109614063.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
9e0f78d1ca92bdc0d8e2bdfa6e95ddc76fbe3e5cec1e38f61fc53d3d50bc415b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=30368181
etag
24923
appgn
17229386901231716289792669
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 21:02:49 GMT
content-length
5776
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
x-frame-options
sameorigin, sameorigin
118385687.cms
static.toiimg.com/photo/
11 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/photo/118385687.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2f0f77cdcb88705a95f4fcf944d7f400cdbfa3c543da1b8fb177c2630a991cc6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30373224
content-encoding
gzip
etag
11040
appgn
17229389201231739961039550
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:26:52 GMT
imagemagick_im4java
1
content-length
4572
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=118385687.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
87458172.cms
static.toiimg.com/photo/
5 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/photo/87458172.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
ce5fe5af67f0c5ca4450347db4323291e102c300aac2ef7c26146aac5449bfbe
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30400998
content-encoding
gzip
etag
5371
appgn
17224409201231707925471615
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 06:09:46 GMT
imagemagick_im4java
1
content-length
2297
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=87458172.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
25581306.jpg
static.toiimg.com/photo/msid-25581306/
82 B
394 B
Image
General
Full URL
https://static.toiimg.com/photo/msid-25581306/25581306.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
9d8fedb939374543f32af7761f6b9962180cb9c682dd6411c84178cd30f07861
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
cache-control
max-age=18842889
etag
921
x-content-type-options
nosniff, nosniff
appgn
17229642801231628182468490
expires
Wed, 31 Dec 2025 11:34:37 GMT
content-length
82
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
nginx
42706777.gif
static.toiimg.com/photo/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/photo/42706777.gif
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
e1eea38b4e8ca21495610df3cbf4c6f23e4c326f89d58baff5acc4b2eea8451f
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
cache-control
max-age=17821667
etag
19181
x-content-type-options
nosniff, nosniff
appgn
172248023401231628594024280
expires
Fri, 19 Dec 2025 15:54:15 GMT
content-length
2662
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
nginx
76150242.cms
static.toiimg.com/photo/
340 B
654 B
Image
General
Full URL
https://static.toiimg.com/photo/76150242.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
71d88f00f3eba441a7063e62fff3268774c7ad172b20b933552af9c0293d9713
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
cache-control
max-age=19229412
etag
542
x-content-type-options
nosniff, nosniff
appgn
17229642901231628070084085
expires
Sun, 04 Jan 2026 22:56:40 GMT
content-length
340
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
nginx
111052405.cms
static.toiimg.com/photo/
5 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/photo/111052405.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
b9f5dd250bce00050219cf4b2062d9a6279740e5f1213f8d148bf0415f7ce9fb
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30372762
content-encoding
gzip
etag
4651
appgn
17229387001231721025915325
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:19:10 GMT
imagemagick_im4java
1
content-length
2021
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=111052405.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
112131742.cms
static.toiimg.com/photo/
242 KB
90 KB
Image
General
Full URL
https://static.toiimg.com/photo/112131742.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
99b5a2137869d5a3200ebc0271918f3444d1e2e08c66b7f2fa83fbcd87ff5686
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30373224
content-encoding
gzip
x-content-type-options
nosniff, nosniff
appgn
17224404101231722776285051
expires
Wed, 13 May 2026 22:26:52 GMT
imagemagick_im4java
1
content-length
92241
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=112131742.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
toi_webvital_events_min_js.cms
timesofindia.indiatimes.com/
7 KB
3 KB
Script
General
Full URL
https://timesofindia.indiatimes.com/toi_webvital_events_min_js.cms?v=4
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
1df7fe64a57bebb54456f860c2513ac95255bb61a205bf7810c63c1e298fd5a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"066d0172d257b844d698b01a7524e44f4"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Tue, 27 May 2025 09:49:17 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 27 May 2025 09:19:17 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=1369
x-cool
70.174
access-control-allow-credentials
false
akamai-timesinternet-grn
0.d3b61302.1748337988.fc46fd4
content-length
2426
content-language
en-GB
server
Bhoot
5025
config.aps.amazon-adsystem.com/configs/
531 B
799 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/5025
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7abfdb697efecb0d61f9002060839b34e1d9e47573ef4ca00ca008abb1fb795

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=3600
age
3101
via
1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
-o3wHxUSWkeKraQ9kiAQYkkJflsxvDXfC7I-bzo_kynf8vp3ihGJ6Q==
date
Tue, 27 May 2025 08:34:47 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
946 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5025&u=https%3A%2F%2Fsub4.mafinet.store
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d2dae21f9129a58eab4e0a44f21317af32fee82552774a9f5106464e64816775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
946
x-amz-cf-id
4wVScREgrZddHfIkcEM-BLGTgV5ieJmjtQFZa24zkxt_zSyc_ij7vA==
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
KyNBZPQSafsZMxCe5QSduxgTOBL9uBows877Pdb23dMci0OtO3-RkA==
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/
539 KB
170 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=23037861279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
8367355567805738573
age
590
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:16:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:16:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
173743
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
123 B
101 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sub4.mafinet.store&pppnc=23037861279
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=23037861279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ae999317bdbcb11cddfd253ffca2419442ed0d7a3c80bc2a4abf936222d01d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:26:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
76
date
Tue, 27 May 2025 09:26:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
geoapi.indiatimes.com/
90 B
580 B
Script
General
Full URL
https://geoapi.indiatimes.com/?cb=1
Requested by
Host: timesofindia.indiatimes.com
URL: https://timesofindia.indiatimes.com/toiads_prebid/minify-1.cms
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:5b5::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3a37616963595af61c477cd624eb474636c82130f5dadf672031c0248160fd01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Edgescape-API
geo_region=155,country_code=NL,region_code=,city=AMSTERDAM, continent=EU
Pragma
no-cache
Connection
close
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Expires
Tue, 27 May 2025 09:26:29 GMT
Access-Control-Allow-Origin
*
Content-Length
90
Date
Tue, 27 May 2025 09:26:29 GMT
Content-Type
text/html
Access-Control-Allow-Headers
*
loader.js
cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/
1 MB
283 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Requested by
Host: timesofindia.indiatimes.com
URL: https://timesofindia.indiatimes.com/toiads_prebid/minify-1.cms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dab0bab343fe63d0715d194921f74491f3736cdfd6be9d52c66c686244e7058a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
"cebb3bbc7d602cf197896b7995fe1949"
x-amz-version-id
irndVC_8eyPGXvA9KY_8tp2UPUiPoNE1
age
1385
x-cache
HIT
date
Tue, 27 May 2025 09:26:28 GMT
last-modified
Tue, 27 May 2025 09:03:14 GMT
x-served-by
cache-ams21027-AMS
x-cache-hits
7
content-type
application/javascript; charset=utf-8
x-amz-id-2
RJCXss895NmN0IXVTxhss8LfG/MxANV98H5WKkbpldx3pinj76cX9WYX5R5cgxdZGiX8MPOaC+M=
x-amz-meta-x-tbl-source
kfc-purge-prod
vary
Accept-Encoding
x-amz-replication-status
PENDING
cache-control
private,max-age=14401
x-timer
S1748337989.911104,VS0,VE0
via
1.1 varnish
x-amz-request-id
T77ZT97ZPWP35374
accept-ranges
bytes
access-control-allow-origin
*
abp
59
content-length
288612
server
AmazonS3
x-amz-server-side-encryption
AES256
71149155.cms
static.toiimg.com/photo/
1 KB
864 B
Image
General
Full URL
https://static.toiimg.com/photo/71149155.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
de4b846f289a63be3f3310afd5bc823396b1ece130838e5e36c8e74cae55b369
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
1170
appgn
17224409501231704674813182
x-content-type-options
nosniff
expires
Fri, 08 May 2026 16:17:17 GMT
imagemagick_im4java
1
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-disposition
inline; filename=71149155.svg
x-frame-options
sameorigin
strict-transport-security
max-age=25920000; includeSubdomains
cache-control
max-age=29919049
content-length
559
x-xss-protection
1; mode=block
server
Bhoot
117489205.cms
static.toiimg.com/photo/
32 KB
12 KB
Image
General
Full URL
https://static.toiimg.com/photo/117489205.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f54d , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
436ae921490e2808650d30f7f40780a7c1c9b6c3de7e5c686047995bdbb3adc7
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
public, must-revalidate, max-age=30372923
content-encoding
gzip
etag
32785
appgn
172244020501231738078234096
x-content-type-options
nosniff, nosniff
expires
Wed, 13 May 2026 22:21:51 GMT
imagemagick_im4java
1
content-length
11535
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/svg+xml
content-disposition
inline; filename=117489205.svg
server
Bhoot
x-frame-options
sameorigin, sameorigin
beacon.js
sb.scorecardresearch.com/
21 KB
7 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
386a95ac998b3935b9e00f9efcb7845fc32eb675cb38e66477b3dc744dfcc55c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"b76779fa4f009d09c2925c8833b1b0df"
age
28823
via
1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
6y0_CiDbvlz4kP5C_E2VozEoK6-CqhXMs9qNRSWF7dyjalGr6RWb5A==
date
Tue, 27 May 2025 01:26:10 GMT
content-type
text/javascript
last-modified
Thu, 22 May 2025 07:52:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
colombia_v2.js
static.clmbtech.com/ad/commons/js/2658/toi/
57 KB
19 KB
Script
General
Full URL
https://static.clmbtech.com/ad/commons/js/2658/toi/colombia_v2.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f546 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
10bd4ad154285b46993c796a707e2902ba505e39be7596ac38e5f3b89234c354
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"e24f-633e5a22959a7-gzip"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Wed, 28 May 2025 09:26:28 GMT
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/javascript
last-modified
Tue, 29 Apr 2025 07:20:21 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
*
strict-transport-security
max-age=25920000; includeSubdomains
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
18572
x-xss-protection
1; mode=block
server
Bhoot
/
geoapi.indiatimes.com/
90 B
580 B
Script
General
Full URL
https://geoapi.indiatimes.com/?cb
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:5b5::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3a37616963595af61c477cd624eb474636c82130f5dadf672031c0248160fd01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Edgescape-API
geo_region=155,country_code=NL,region_code=,city=AMSTERDAM, continent=EU
Pragma
no-cache
Connection
close
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Expires
Tue, 27 May 2025 09:26:29 GMT
Access-Control-Allow-Origin
*
Content-Length
90
Date
Tue, 27 May 2025 09:26:29 GMT
Content-Type
text/html
Access-Control-Allow-Headers
*
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsub4.mafinet.store%2F&domain=sub4.mafinet.store&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sub4.mafinet.store
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sub4.mafinet.store
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 27 May 2025 09:26:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
223149
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
377 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsub4.mafinet.store%2F&domain=sub4.mafinet.store&cw=1&lsw=1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
application/json
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
250178
expires
0
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
pbhid
id.hadron.ad.gt/api/v1/
2 B
271 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=0&_it=prebid&t=1&src=id&domain=sub4.mafinet.store
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=604800
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray
9464788efa735329-AMS
access-control-allow-origin
*
content-length
2
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/json; charset=utf8
server
cloudflare
access-control-allow-headers
authorization,content-type
id
id.crwdcntrl.net/
43 B
276 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.4.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-4-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json;charset=utf-8
rid
match.adsrvr.org/track/
63 B
439 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=kg9dznt&fmt=json
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6490aae05dd1b7ab06a1197e5c70ce047815209bf48991160d908186af96e7c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Thu, 26 Jun 2025 09:26:28 GMT
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
web-vitals.attribution.iife.js
unpkg.com/web-vitals@4.1.1/dist/
12 KB
5 KB
Script
General
Full URL
https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.attribution.iife.js
Requested by
Host: timesofindia.indiatimes.com
URL: https://timesofindia.indiatimes.com/toi_webvital_events_min_js.cms?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.0.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06831aeabee991deb5037e93e9fd84e92ef8c1cc5c364a8278d444a150d78f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
age
979040
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:26:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 27 May 2025 09:26:28 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 29 Apr 2025 17:16:18 GMT
vary
Accept-Encoding
fly-request-id
01JT18S975VA6BR94NF0EY44CD-ord
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
priority
u=3,i=?0
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 fly.io, 1.1 fly.io
cf-ray
9464788ecdd38ade-AMS
content-digest
sha256=:8GgxrqvumR3rUDfpPp/YTpLvjBzFw2SoJ41EShUNePc=:
access-control-allow-origin
*
server
cloudflare
gtm.js
www.googletagmanager.com/
303 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3PMSJN
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a8db34cea2e6b7dc915bdde0ca33f2c2c6e6396298e29c1f3cd02e08dc33aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires
Tue, 27 May 2025 09:26:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Origin, Accept-Encoding
last-modified
Tue, 27 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin
https://sub4.mafinet.store
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1317:0
content-length
98845
x-xss-protection
0
server
Google Tag Manager
popup_manager_priority.cms
timesofindia.indiatimes.com/
714 B
280 B
Script
General
Full URL
https://timesofindia.indiatimes.com/popup_manager_priority.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-195.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
0d4dc403eb04e1a93b39585b1f6fdd943908180585773c2b1bd74e1719cc4446
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"0b054c4dce5a351ab0c26c7416bd810e2"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Tue, 27 May 2025 10:12:43 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 27 May 2025 08:54:01 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=2775
x-cool
70.142
access-control-allow-credentials
false
quic-version
0x00000001
akamai-timesinternet-grn
0.03d53e17.1748337988.12ec9cb4
content-length
247
content-language
en-US
server
Bhoot
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-96-101.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Tue, 27 May 2025 09:41:29 GMT
accept-ranges
bytes
content-length
17407
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
i.js
tag.wknd.ai/7535/
5 KB
3 KB
Script
General
Full URL
https://tag.wknd.ai/7535/i.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
912e862bc4fcfe73de857c10f7f32b330dda3fe2af8a7ce1bb4b3fffb311d18e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
d86ce5ef70442f
age
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:25:54 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
cache-control
public,max-age=60
timing-allow-origin
*
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
access-control-allow-origin
*
content-length
2271
server
istio-envoy
x-region
us-central1
121431540.jpg
static.toiimg.com/thumb/imgsize-51470,msid-121431540,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-51470,msid-121431540,width-160,resizemode-4/121431540.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
25bd8ea829f6e6f6bdacddfc756c5b5af337b5826b5f48fe8f5e453f58c5949e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31551407
etag
51470
appgn
172247715701231748331280816
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 13:43:15 GMT
alt-svc
h3=":443"; ma=93600
content-length
2342
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121408896.jpg
static.toiimg.com/thumb/imgsize-73866,msid-121408896,width-160,resizemode-4/
1 KB
1 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-73866,msid-121408896,width-160,resizemode-4/121408896.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
5a16a1391b39d7ab7b65c416b61d6b607176260f2be9399cd5765bd74d520dd1
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31515842
etag
73866
appgn
172247715701231748295753515
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 03:50:30 GMT
alt-svc
h3=":443"; ma=93600
content-length
1080
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121433099.jpg
static.toiimg.com/thumb/imgsize-562878,msid-121433099,width-160,resizemode-4/
1 KB
1 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-562878,msid-121433099,width-160,resizemode-4/121433099.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
6c7f5c538f42c53bc0bccb1dce152ad48b52705f2342002b5472775c0645d530
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31554337
etag
562878
appgn
17224778801231748334370401
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:32:05 GMT
alt-svc
h3=":443"; ma=93600
content-length
1368
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121433030.jpg
static.toiimg.com/thumb/imgsize-120924,msid-121433030,width-160,resizemode-4/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-120924,msid-121433030,width-160,resizemode-4/121433030.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
f590afea77ac56ca01338cec0041f34c2186d2e3f918101c03e8f1872a66e120
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31556218
etag
120924
appgn
172293821401231748336291418
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 15:03:26 GMT
alt-svc
h3=":443"; ma=93600
content-length
3046
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121433766.jpg
static.toiimg.com/thumb/imgsize-744366,msid-121433766,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-744366,msid-121433766,width-160,resizemode-4/121433766.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
c9b932bdbba3135a3b9668cb9f273542f9e20916be24ec1d60b9e3e50dbae399
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31555516
etag
744366
appgn
172247715701231748335595943
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:51:44 GMT
alt-svc
h3=":443"; ma=93600
content-length
1808
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121377786.jpg
static.toiimg.com/thumb/imgsize-1562376,msid-121377786,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-1562376,msid-121377786,width-160,resizemode-4/121377786.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
a16513de86f07b05da7d6fb48dc871575671f22bb45feebd61004d508b9cae6a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31355960
etag
1562376
appgn
172291321201231748135946071
x-content-type-options
nosniff, nosniff
expires
Mon, 25 May 2026 07:25:48 GMT
alt-svc
h3=":443"; ma=93600
content-length
2244
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121404064.jpg
static.toiimg.com/thumb/imgsize-72742,msid-121404064,width-160,resizemode-4/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-72742,msid-121404064,width-160,resizemode-4/121404064.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
249a1e703c6735cfef0749c0e63765aa29291fe4106a0bd158bf58c62c124181
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31455235
etag
72742
appgn
172293821301231748235253600
x-content-type-options
nosniff, nosniff
expires
Tue, 26 May 2026 11:00:23 GMT
alt-svc
h3=":443"; ma=93600
content-length
3546
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121424959.jpg
static.toiimg.com/thumb/imgsize-132780,msid-121424959,width-160,resizemode-4/
4 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-132780,msid-121424959,width-160,resizemode-4/121424959.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
e157750d7333f505593921ceaf6fd7bd5b5f4b66f896a67a7340f4244292698f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31537108
etag
132780
appgn
172293821301231748313083220
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 09:44:56 GMT
alt-svc
h3=":443"; ma=93600
content-length
4190
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121405562.jpg
static.toiimg.com/thumb/imgsize-154706,msid-121405562,width-160,resizemode-4/
4 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-154706,msid-121405562,width-160,resizemode-4/121405562.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
d735a8d9e77754c8e65cea88f19d72393ac293b3c8ae10457978dfddd2e09c41
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31550811
etag
154706
appgn
172293825301231748330886972
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 13:33:19 GMT
alt-svc
h3=":443"; ma=93600
content-length
4122
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121414206.jpg
static.toiimg.com/thumb/imgsize-106884,msid-121414206,width-160,resizemode-4/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-106884,msid-121414206,width-160,resizemode-4/121414206.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
aa414fd7bc1fb594cfd622f642a4fc8d1c5f060ad53a1ce1a804a8650ad37526
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31547359
etag
106884
appgn
172247716001231748311723976
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 12:35:47 GMT
alt-svc
h3=":443"; ma=93600
content-length
2806
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121424942.jpg
static.toiimg.com/thumb/imgsize-93764,msid-121424942,width-160,resizemode-4/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-93764,msid-121424942,width-160,resizemode-4/121424942.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
d6344f69f8ec7df81b29ffd87019d7c6d28666139c89c49dd66fcfb90fdc507d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31538993
etag
93764
appgn
172291321701231748312000877
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 10:16:21 GMT
alt-svc
h3=":443"; ma=93600
content-length
3048
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121426087.jpg
static.toiimg.com/thumb/imgsize-134616,msid-121426087,width-160,resizemode-4/
4 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-134616,msid-121426087,width-160,resizemode-4/121426087.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
cb6be1ce3987ec92def3d7005ba0b1ca1709ead7637d9c87fd131d61cd002607
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31538258
etag
134616
appgn
172291321701231748318199855
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 10:04:06 GMT
alt-svc
h3=":443"; ma=93600
content-length
3904
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121428062.jpg
static.toiimg.com/thumb/imgsize-26356,msid-121428062,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-26356,msid-121428062,width-160,resizemode-4/121428062.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
835b507c0da20e45b963ec475f4bdc3e0921dfb7c5e9f43ccdc9e81af46002fa
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31543589
etag
26356
appgn
172293821501231748322636990
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 11:32:57 GMT
alt-svc
h3=":443"; ma=93600
content-length
2172
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121430002.jpg
static.toiimg.com/thumb/imgsize-885438,msid-121430002,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-885438,msid-121430002,width-160,resizemode-4/121430002.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
2c1cce7d9c6cdd12158ab198d11b8a029bc39066bebcd62e31ee6771aa4ee360
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31549503
etag
885438
appgn
172247716001231748329505718
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 13:11:31 GMT
alt-svc
h3=":443"; ma=93600
content-length
1542
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121432254.jpg
static.toiimg.com/thumb/imgsize-81266,msid-121432254,width-160,resizemode-4/
4 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-81266,msid-121432254,width-160,resizemode-4/121432254.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
c480e4c8b01d488f22a71ea3638a8c68ec05bf7ac50b8a528d52e4e61af57413
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31555829
etag
81266
appgn
172247715401231748335914069
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:56:57 GMT
alt-svc
h3=":443"; ma=93600
content-length
3866
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121433430.jpg
static.toiimg.com/thumb/imgsize-944090,msid-121433430,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-944090,msid-121433430,width-160,resizemode-4/121433430.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
de280428b5a8c1d2ea5f68fed71af25ade0456dd1c766aa88798671e65cd320a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31555736
etag
944090
appgn
172244014101231748335727490
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:55:24 GMT
alt-svc
h3=":443"; ma=93600
content-length
2136
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121421822.jpg
static.toiimg.com/thumb/imgsize-12514,msid-121421822,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-12514,msid-121421822,width-160,resizemode-4/121421822.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
fe9ce55eee7f16f7515f53d202c340470b4e15a65edc89bdcd5a30ffb50f4877
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31531896
etag
12514
appgn
172293821301231748311908826
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 08:18:04 GMT
alt-svc
h3=":443"; ma=93600
content-length
1702
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121413869.jpg
static.toiimg.com/thumb/imgsize-2082268,msid-121413869,width-160,resizemode-4/
2 KB
2 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-2082268,msid-121413869,width-160,resizemode-4/121413869.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
caff855916e5d0310b6b42a01d66d12319f9808c5f066aed34ee403758f514b9
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31481275
etag
2082268
appgn
172293825301231748261363005
x-content-type-options
nosniff, nosniff
expires
Tue, 26 May 2026 18:14:23 GMT
alt-svc
h3=":443"; ma=93600
content-length
2328
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121416592.jpg
static.toiimg.com/thumb/imgsize-32536,msid-121416592,width-160,resizemode-4/
1 KB
1 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-32536,msid-121416592,width-160,resizemode-4/121416592.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
0679d404d89bf6ac260c6a212a8da69b7cb260f6c10a961778495ba7ec231d01
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31553973
etag
32536
appgn
172293825301231748333971573
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:26:01 GMT
alt-svc
h3=":443"; ma=93600
content-length
1206
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121416188.jpg
static.toiimg.com/thumb/imgsize-550281,msid-121416188,width-160,resizemode-4/
1 KB
1 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-550281,msid-121416188,width-160,resizemode-4/121416188.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
d247893d2d273efc70bd716e2f1062a57913a2bd71b83ddabb0411350e2d9631
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31542937
etag
550281
appgn
172291321601231748267529187
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 11:22:05 GMT
alt-svc
h3=":443"; ma=93600
content-length
1054
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121429129.jpg
static.toiimg.com/thumb/imgsize-98906,msid-121429129,width-200,resizemode-4/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-98906,msid-121429129,width-200,resizemode-4/121429129.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
51d67d3a96c650d999b699b223889b5cda0fb81cb376c16a582503295a7d6c23
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31545375
etag
98906
appgn
172247712301231748325379848
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 12:02:43 GMT
alt-svc
h3=":443"; ma=93600
content-length
4970
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121427550.jpg
static.toiimg.com/thumb/imgsize-73154,msid-121427550,width-200,resizemode-4/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-73154,msid-121427550,width-200,resizemode-4/121427550.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
c21c0c16f7354d48ba5a71feebd94292ac4d0c99f3155af4645ccf0d2560eebd
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31554014
etag
73154
appgn
172291321501231748324954552
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 14:26:42 GMT
alt-svc
h3=":443"; ma=93600
content-length
5478
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121421858.jpg
static.toiimg.com/thumb/imgsize-66168,msid-121421858,width-200,resizemode-4/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-66168,msid-121421858,width-200,resizemode-4/121421858.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
44b261f2ca169072dc3475ec30de921388e5f8fd96dc22358b277a371c91844a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31544934
etag
66168
appgn
172293821401231748324952545
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 11:55:22 GMT
alt-svc
h3=":443"; ma=93600
content-length
5224
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121428375.jpg
static.toiimg.com/thumb/imgsize-123298,msid-121428375,width-200,resizemode-4/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-123298,msid-121428375,width-200,resizemode-4/121428375.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
677f14bbf32d2fb52afa3d092d528a528c75b6bd10eed5fcc85efe6c5612fc8e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31544348
etag
123298
appgn
172247715901231748324295424
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 11:45:36 GMT
alt-svc
h3=":443"; ma=93600
content-length
5130
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121427670.jpg
static.toiimg.com/thumb/imgsize-95742,msid-121427670,width-200,resizemode-4/
6 KB
6 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-95742,msid-121427670,width-200,resizemode-4/121427670.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
e4e4bb136353eba5c34df6c8eae145f29fe03f9992e5876adf3e0e1ad71788ee
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31540498
etag
95742
appgn
172247716201231748320444589
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 10:41:26 GMT
alt-svc
h3=":443"; ma=93600
content-length
5904
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121432120.jpg
static.toiimg.com/thumb/imgsize-129630,msid-121432120,width-200,resizemode-4/
3 KB
3 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-129630,msid-121432120,width-200,resizemode-4/121432120.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
d8732812f3954fc5f0622d7342034e5acaec64b430e69a28c5cb0a107c2dcdc3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31557241
etag
129630
appgn
172293816201231748333427515
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 15:20:29 GMT
alt-svc
h3=":443"; ma=93600
content-length
3054
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
121429902.jpg
static.toiimg.com/thumb/imgsize-100000,msid-121429902,width-200,resizemode-4/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/thumb/imgsize-100000,msid-121429902,width-200,resizemode-4/121429902.jpg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
7877884f922e1363c3f1f999a21fadfa52a8adc742a83fd43ba2980b7cfe892d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
public, must-revalidate, max-age=31556789
etag
100000
appgn
172247715401231748326774197
x-content-type-options
nosniff, nosniff
expires
Wed, 27 May 2026 15:12:57 GMT
alt-svc
h3=":443"; ma=93600
content-length
5562
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:28 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036484&cs_it=b1&cv=4.13.0%2B2504041036&ns__t=1748337988966&ns_c=UTF-8&cs_cfg=1001110&cs_ucfr=0&c7=https%3A%2F%2Fsub4.mafinet.store%2F&c8=News%20-%20Breaking%20News%2C%20Latest%20News%2C%20India%20News%2C%20World%20News%2C%20Bollywood%2C%20Sports%2C%20Business%20and%20Political%20News%20%7C%20Times%20of%20India&c9=
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

via
1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
5JM5h5Qm2AXczXrZ_fTRkxorknCuUBtTtGmOyB7UPLm7eRSvrA5O1Q==
date
Tue, 27 May 2025 09:26:28 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
23037861279
fundingchoicesmessages.google.com/i/
22 KB
10 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/23037861279?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84fabe5d1238a78821cc8c3804f1145b1715d2dae01c80aafef40a4864a7ae97
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pvJYw0NTPfWRiZCMyCEvBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiaL15jnUqEBsqXGJ1BOL76y6xPgfiD_WXWX8AcZHEFdYmIP5UdYNVqPoGaxL7TdYiIA51vMkaC8JpN1lTgXjNxlusW4C4Sfs2axcQm_ndZrUDYiFujqNd1w6yCfzYdydYSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyNTA1MhAz8AgvsAAAJjgP6o"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pvJYw0NTPfWRiZCMyCEvBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
v6.htm
ade.clmbtech.com/cde/data/-1/-1/
5 KB
3 KB
Script
General
Full URL
https://ade.clmbtech.com/cde/data/-1/-1/v6.htm?id=532801~187795132~home&adtype=1&_v=0&auds=all,5q6&_u=https%3A%2F%2Fsub4.mafinet.store%2F&_t=3&_c=T613m428F320_0&fpc=null&r=W687C203b583&dpv=1&ver=%221.20.0%22
Requested by
Host: static.clmbtech.com
URL: https://static.clmbtech.com/ad/commons/js/2658/toi/colombia_v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f546 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
f96a36f7f8ba47d7dfe3db09ec78459fd17e06a1103205290627c21b88b8857d
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-content-header
gzip
content-encoding
gzip
x-irstime
7
x-content-type-options
nosniff
x-sid
3
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
x-nslots
1
content-disposition
inline;filename=f.txt
x-frame-options
sameorigin
strict-transport-security
max-age=25920000; includeSubdomains
cache-control
private
x-identifier
2923ed06-fbf8-4748-a437-f8e7ccebe39e
content-length
2439
x-xss-protection
1; mode=block
x-metime
-1
server
Bhoot
sync
gumi.criteo.com/
46 B
706 B
Script
General
Full URL
https://gumi.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
427875
expires
60
date
Tue, 27 May 2025 09:26:28 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
908 B
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/7535/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
etag
"1c2c5753dfb57640a8ba54f111934b30"
age
66758
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
509
date
Mon, 26 May 2025 14:53:51 GMT
last-modified
Thu, 22 May 2025 18:41:12 GMT
content-type
text/javascript
x-guploader-uploadid
AAO2VwoUtDwoMp0NxAXgM7qkqZ5PNapXKm4fAceRh3wf9sMbGWsADn_gboBrIE5N15elOcNERhXedOzMs0mNzg
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747939272781156
content-length
509
server
UploadServer
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/
63 KB
23 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10260624382802495031
age
442
x-content-type-options
nosniff
expires
Tue, 03 Jun 2025 09:19:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:19:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23619
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202505220101"
js
www.googletagmanager.com/gtag/
412 KB
137 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FCN624MN68&cx=c&gtm=45He55l1v896110376za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3PMSJN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1cbbb319e0fbaa1a55ef8c38acc78b6d388f37fca1b0a62c5d420af7eec7ac78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires
Tue, 27 May 2025 09:26:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1075:0
content-length
139871
x-xss-protection
0
server
Google Tag Manager
main-v2_0ce74a58811fd5fc784b060520739160.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
540 KB
117 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/7535/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e152e9d348357e420a73e3c960f4f444503b9487eb28fcd73b4fd7354abfcb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=Cpc1Ag==, md5=6jWFadcbfDI9ykNDj+DViQ==
etag
"ea358569d71b7c323dca43438fe0d589"
age
44285
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
119463
date
Mon, 26 May 2025 21:08:24 GMT
last-modified
Thu, 22 May 2025 18:40:58 GMT
content-type
text/javascript
x-guploader-uploadid
ABgVH8_mXrnOakFmtUMbtm2dAj6oRtX30gwkFTGhLU2Bgb2RRzxeZb0DSgKatDP3JluRWw7JHslyJdc
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747939258488797
content-length
119463
server
UploadServer
onsite-v2_c05f8c5551fa6b964660ad61916291c1.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
18 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_c05f8c5551fa6b964660ad61916291c1.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4115c0f25c38c7c6e4fe395868c8e05a6ab8081c5670faef37399c9856e9ef1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=lQHq8A==, md5=cs20ybary9o+Ys/CHpWkUg==
etag
"72cdb4c9b6abcbda3e62cfc21e95a452"
age
319590
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5556
date
Fri, 23 May 2025 16:39:59 GMT
last-modified
Thu, 22 May 2025 18:41:04 GMT
content-type
text/javascript
x-guploader-uploadid
AAO2Vwo2X0w4JQeCjhr_6e9w3CUJINtpMQs1whu_PsYzWlot8apsij8xzgd4kc-EtaXqEVGu
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747939264090010
content-length
5556
server
UploadServer
ads-v2_c57a7ca3cc68847fdee43e653f3334c7.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
175 KB
39 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_c57a7ca3cc68847fdee43e653f3334c7.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
088d021c8a083e0f993d2a32f294fcd14ebc45fda7e77c3cda3b024ff898bdcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
br
x-goog-hash
crc32c=LYqztQ==, md5=78Od+c699Q0RatjErZ4k5w==
etag
"efc39df9cebdf50d116ad8c4ad9e24e7"
age
271572
ad-auction-allowed
true
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39889
date
Sat, 24 May 2025 06:00:17 GMT
last-modified
Thu, 22 May 2025 18:40:41 GMT
content-type
text/javascript
x-guploader-uploadid
AAO2VwrSxI0mgOUEz5eC0letG5Tv15MXS5doPKkswUD3KT-44sUqiQK6uZ3gvubmRp3XlyzE8Y9kDbc
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747939241077317
content-length
39889
server
UploadServer
21c0a8ed39794f1f9fbc28b789a9ce90_1712686089398_0.webp
static.clmbtech.com/ctn/10750/images/43/ Frame 871F
25 KB
25 KB
Image
General
Full URL
https://static.clmbtech.com/ctn/10750/images/43/21c0a8ed39794f1f9fbc28b789a9ce90_1712686089398_0.webp
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f546 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2495f89228a4c0bd5e1acd14b4f8733dbbb2ffbe9da27fe5b18445edddb8223f
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
etag
"6328-615adce104560"
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
expires
Mon, 25 Aug 2025 09:26:29 GMT
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/webp
last-modified
Tue, 09 Apr 2024 18:08:10 GMT
access-control-allow-headers
*
x-frame-options
sameorigin
strict-transport-security
max-age=25920000; includeSubdomains
cache-control
max-age=7776000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-origin
*
content-length
25384
x-xss-protection
1; mode=block
server
Bhoot
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/
85 KB
30 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
content-encoding
br
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
age
89100
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
87533
date
Mon, 26 May 2025 08:41:29 GMT
last-modified
Thu, 22 May 2025 18:40:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-guploader-uploadid
AAO2VwpHiDx1aigi5FrA9hWZLkZRLqj1uiI6SjqE340TnXP7-wtBV-1Vmb2UBjbL3Ca4tGa5
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747939235372987
content-length
31016
server
UploadServer
website-f056a2e2e7afa5710967dc051ce1f1b8.js
assets.bounceexchange.com/cache/7535/
9 KB
3 KB
Script
General
Full URL
https://assets.bounceexchange.com/cache/7535/website-f056a2e2e7afa5710967dc051ce1f1b8.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bdc8fdcf74ac226ae3a42008ba759cd6d1e50550a24025acefcd796eeaf51d9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=HPH6xA==, md5=gFhmKV5hH/I6nE7p0S3QsQ==
content-encoding
br
etag
W/"805866295e611ff23a9c4ee9d12dd0b1"
age
72
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
8881
date
Tue, 27 May 2025 09:25:17 GMT
last-modified
Tue, 20 May 2025 20:58:04 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
ABgVH8_INrZjzN0Kxs2Xst1D1OjIech1kScFXBKM5Fye3iVV8xmDZnLpjo4K4WBl6r2lWN3gU8E8Dds
cache-control
public,max-age=120
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747774684303290
content-length
2978
server
UploadServer
campaign-index-live-ec3574ec4833b07194e88eadb8e1dc73.js
assets.bounceexchange.com/cache/7535/
12 KB
2 KB
Script
General
Full URL
https://assets.bounceexchange.com/cache/7535/campaign-index-live-ec3574ec4833b07194e88eadb8e1dc73.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f35ae36bf956ce48916a1114ff459e2473ad530ad0ce51ec7dbabe985456a8fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=qnfk6w==, md5=0ac6bRgbXszrNxWyuzfHFw==
content-encoding
br
etag
W/"d1a73a6d181b5ecceb3715b2bb37c717"
age
548286
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
12413
date
Wed, 21 May 2025 01:08:23 GMT
last-modified
Tue, 20 May 2025 20:58:03 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AAO2VwoI8VrPPEx-8_tEI0nvRvCHY4bcQDwbpWwY50HhrHu3OJbYQngn10XbORks0Fd4F8DtA-CbhAQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747774683293203
content-length
1652
server
UploadServer
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FCN624MN68&gtm=45je55l1v883796539z8896110376za200zb896110376&_p=1748337988834&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=425418463.1748337989&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748337989&sct=1&seg=0&dl=https%3A%2F%2Fsub4.mafinet.store%2F&dt=News%20-%20Breaking%20News%2C%20Latest%20News%2C%20India%20News%2C%20World%20News%2C%20Bollywood%2C%20Sports%2C%20Business%20and%20Political%20News%20%7C%20Times%20of%20India&en=component_load&_fv=2&_nsi=1&_ss=2&ep.useAmpClientId=true&ep.browsing_platform=web&ep.type=taboola_ad_widget&ep.placement=Mid-Home-Thumbnails&tfd=1084
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FCN624MN68&cx=c&gtm=45He55l1v896110376za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to
{"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sub4.mafinet.store
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:155:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:29 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
550 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FCN624MN68&cid=425418463.1748337989&gtm=45je55l1v883796539z8896110376za200zb896110376&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FCN624MN68&cx=c&gtm=45He55l1v896110376za200&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to
{"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sub4.mafinet.store
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:124:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:29 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FCN624MN68&cid=425418463.1748337989&gtm=45je55l1v883796539z8896110376za200zb896110376&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&z=1411424043
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 27 May 2025 09:26:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame FCF0
2 KB
1 KB
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
ad-auction-allowed
true
age
296026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Fri, 23 May 2025 23:12:43 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 22 May 2025 18:40:34 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1747939233943811
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
AAO2VwrfOjWZipo8QMWReY5s9ljfdhP-81TXriHEAd6i506iwjG7orCdAjM-zLuhOaBCGAw
js
api.bounceexchange.com/state/
708 B
1 KB
Script
General
Full URL
https://api.bounceexchange.com/state/js?website_id=7535&device_id=7995702926606880532&visit_id=1748337989478354
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
d890f413f613127f253d7c7ac1cffd0a8b66ae92307ed26a43ffabc43a49cee4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-state-service.tag-state.svc.cluster.local:80/*
request-id
d0qoaha3eahc0gud9elg
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
708
date
Tue, 27 May 2025 09:26:29 GMT
content-type
text/plain; charset=utf-8
vary
Origin
load.js
pm-widget.taboola.com/timesinternetlimited-timesofindia/
3 KB
1 KB
Script
General
Full URL
https://pm-widget.taboola.com/timesinternetlimited-timesofindia/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f2e735ff3142a65ff816a8ebc28d03a009e21e91e12c7bca0638ce3573237f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-amz-version-id
IN5ne1fAwFZXGg0T7ch28IjEbE4yj85c
etag
"6c34f3d38827a3c5c4874fa792a70b35"
age
2359
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Thu, 29 Feb 2024 06:25:32 GMT
x-served-by
cache-ams21027-AMS
x-cache-hits
5
content-type
application/javascript; charset=utf-8
x-amz-id-2
73MtHOU2+09wrFWkhasET8868KRzvy4B7poOhD86D358kIrJWSTgTqEKYuwkjzRojxdnAXR2TUU=
vary
Accept-Encoding,
cache-control
max-age=3600
x-timer
S1748337990.583775,VS0,VE0
via
1.1 varnish
x-amz-request-id
H76188H8AHQBTVAZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1119
server
AmazonS3
json
trc.taboola.com/timesinternetlimited-timesofindia/trc/3/
15 KB
6 KB
XHR
General
Full URL
https://trc.taboola.com/timesinternetlimited-timesofindia/trc/3/json?llvl=2&tim=11%3A26%3A29.577&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2253801%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1748337989577%2C%22cv%22%3A%2220250527-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsub4.mafinet.store%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fsub4.mafinet.store%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A6961%2C%22dh%22%3A17354%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Mid%20Home%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Home%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-6x1%3Aabp%3D0%22%2C%22cd%22%3A2916.52%2C%22mw%22%3A1168%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CMid%20Home%20Thumbnails%3Dthumbnails-6x1%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1748336590554%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66dcb6b823999216231ed0efec78c627be41851dc4f9606fa32b6bf07ebbd60a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-ams21027-AMS
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
769
x-timer
S1748337990.591917,VS0,VE365
x-vcl-time-ms
365
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.81625
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-service-version
v1
server
nginx
/
beacon.taboola.com/
0
148 B
XHR
General
Full URL
https://beacon.taboola.com/?ab=trecs&pub=timesinternetlimited-timesofindia&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1748337990.623501,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
content-type
x-served-by
cache-ams21027-AMS
server
Varnish
x-cache-hits
0
2688148-ff9a6ba77ed9339b5b52ee8bb6faa862.js
assets.bounceexchange.com/cache/7535/campaigns/
72 KB
6 KB
Script
General
Full URL
https://assets.bounceexchange.com/cache/7535/campaigns/2688148-ff9a6ba77ed9339b5b52ee8bb6faa862.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b7fd08f0e15ed9ae1d7bfa67afe953263b76647a51599e54ed90386c0941e9cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=n6Qdtg==, md5=QfsDgK9MEvNGeWxy8xhGMA==
content-encoding
br
etag
W/"41fb0380af4c12f346796c72f3184630"
age
44270
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
73807
date
Mon, 26 May 2025 21:08:39 GMT
last-modified
Tue, 20 May 2025 20:58:03 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
ABgVH8_ow0DYQeNjzyLtccrUPs8d0ebVcB3jeiRAFcF5hWB801bUf8_CdUr8UZYN4HswvjVC
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747774683396152
content-length
6216
server
UploadServer
pmk-20220605.3.js
pm-widget.taboola.com/timesinternetlimited-timesofindia/
84 KB
24 KB
Script
General
Full URL
https://pm-widget.taboola.com/timesinternetlimited-timesofindia/pmk-20220605.3.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/timesinternetlimited-timesofindia/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcf9378e39766df6d8ca3900de1ade52bf2fd60063f810ff59a8a348dff3494d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-amz-version-id
vIJ6YbAiWWMqrvvAgqqrjq.Xo7nGtsud
etag
"7bacdb60bbf4f6d6dfa0ffdf28c48225"
age
620474
access-control-allow-methods
GET,POST,PUT
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Thu, 29 Feb 2024 06:25:32 GMT
x-served-by
cache-ams21050-AMS
x-cache-hits
1682
content-type
application/javascript; charset=utf-8
x-amz-id-2
7um7UU6F5OqQdDx3u9UC8/+fEhCvemUDO2zTyi9o0Sd8/VRM4kOCB7yDvG5y4p2AYLOX+ANOdeM=
vary
Accept-Encoding, ,Origin
cache-control
max-age=31536000
x-timer
S1748337990.628537,VS0,VE0
via
1.1 varnish
x-amz-request-id
X2TX0K46K1GNRK6W
accept-ranges
bytes
access-control-allow-origin
*
content-length
24291
server
AmazonS3
2688150-21382530402ca486f3be972d4914ac01.js
assets.bounceexchange.com/cache/7535/campaigns/
48 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/cache/7535/campaigns/2688150-21382530402ca486f3be972d4914ac01.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e4ba8fcc5191cee5f977cebc31e4c0920ae82dc324790ea863d766ecd425e202

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=Rx2CIA==, md5=HrSPVow1ZuYFsi5zLzr34w==
content-encoding
br
etag
W/"1eb48f568c3566e605b22e732f3af7e3"
age
48682
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
49020
date
Mon, 26 May 2025 19:55:07 GMT
last-modified
Tue, 20 May 2025 20:58:03 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AAO2Vwr0io8wu-UUFfkMr7fAXSc4YAX8lknbe2wbfen6Lir7NhV5bUOJj9cWNzpdtVp_80S3hE03VrKNtC2NVQ
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747774683206182
content-length
5170
server
UploadServer
2688152-a38ea70c664309d8f5deb5b6349b78c7.js
assets.bounceexchange.com/cache/7535/campaigns/
66 KB
6 KB
Script
General
Full URL
https://assets.bounceexchange.com/cache/7535/campaigns/2688152-a38ea70c664309d8f5deb5b6349b78c7.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
25ab4b858e0351cbc84268967e53ee91357e483a1371ebec7cf435e0cfa9649e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
x-goog-hash
crc32c=yqoZlg==, md5=e3g7jbuAzNEXXaWN8Vy/7Q==
content-encoding
br
etag
W/"7b783b8dbb80ccd1175da58df15cbfed"
age
317422
ad-auction-allowed
true
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
67386
date
Fri, 23 May 2025 17:16:07 GMT
last-modified
Tue, 20 May 2025 20:58:03 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AAO2VwquizZ2r95CFEZoFaJhNbs9K87NuG4Ya0iQiy8rilCLt6PCZ7JoBrs5LL-Fn4B3iU8FPH9IofU
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
none
access-control-allow-origin
*
x-goog-generation
1747774683452264
content-length
5910
server
UploadServer
ixmatch.html
js-sec.indexww.com/um/ Frame 6081
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_c57a7ca3cc68847fdee43e653f3334c7.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age
1055
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
94647893aca337c0-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:29 GMT
expires
Tue, 27 May 2025 13:26:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 90CF
269 B
379 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_c57a7ca3cc68847fdee43e653f3334c7.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 27 May 2025 09:26:29 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D03C
20 KB
7 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_c57a7ca3cc68847fdee43e653f3334c7.br.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-185-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=20804
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 27 May 2025 09:26:29 GMT
expires
Tue, 27 May 2025 15:13:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
access-control-expose-headers
etag, Content-Type
content-encoding
gzip
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
age
99814
ad-auction-allowed
true
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6053
date
Mon, 26 May 2025 05:42:55 GMT
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
content-type
text/css
vary
Accept-Encoding
x-guploader-uploadid
AAO2Vwo5b6SHsi0Jl3IZ1p43-x6ygVX4Brn-_i9lTbtE5dRWE8UfplgJYLmVAbXVPYC9uNRn
cache-control
public,max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1670951542233151
content-length
6053
server
UploadServer
visit
events.bouncex.net/track.gif/
42 B
99 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoANARm8oGYAQmwAyITLAAebSQA4AbAH15AFgCUbAIIAHbaQQB1BACMA0lBoN+Adkb95bdqYASAFTwiaAYTakQAawQ2AHEEAGN-Ag1qZi8ACyQCAFsgum57FkzWGIBlFAAzFCQQS3obO3kAMlAIGCQEfOR6pBxq8ChoCkwAE3E0bXQEWCRSHDjISG0wAU1LSzBYYxVGJILxBEhGMEgCess22uh6sAJSWEgQAkxJHG55ZmYDjuPT88vMAE9bmMeajrD4DsksAiiAUMZ9GAcJRrMJqNQwlcLhIEIp6ihepg0Io-hDUtQZjRqIVSIgiTCACJPGCIgj+EAIaGwom9brk-izeHWACc3Po1mY1G51Hk93kslkzDKBPh3iJoDZso53GsKlk-Bs3Nk3JU1nV9BUcvh+WAkHZmhVao1PO1RuoKAI5uyPnhpG05qJ40m0w5czoCyWKzWmA2Wx2ezo5OoLvt0yVmmd8u0wHNfGj8rjBI5ifhSA9soLMbCptTqvVmtt6fhEEVWc0AFo0zG0GE8-H+E2iUknXbSCX45byzbuXba4T4WOqwiUEkBiA0JhM4TmfCRRLuGqPSvqMAU-Gc9Q+2aB2XrVqR9YKXa17JuPRsnWYXCd3u6wej6WrRWL1epze7zKj7bruPZTh+J5fsOlLQVOr7LsIl6UpU8DIIM2DQMYiQAO6IC08SJCkyG4WhMDAMgEBXLcGTMFkRGoRg6F6CgkD5LsSQ4GIEiSHRqAMTA3QIKAYQbB82iMgJYD+Ds2iVAC2zJMg0BxCgYCIpgZFIJACDdDgjwYAQ0DaAQ2woKQiICbczDclU+nQGEUBfJoSTbMg3QzpUtlqciWCQOZjIAKIAKoeQgBn1Gg7w4AAcs4IVhQgEVXJgM6MlFuyQHEbDOKcXTdHFdkELA2BIB8yUpDgrhxKkzBRRsVUjCgPRgPliJFZAJV+dFIgtYVxUfH5-BdVStkUBckCwBZ9DUHY+WkFcEXjRZyzcpU9RzRiXgznOC5gAAatQtyVEkBAWY8WEmLUCAgDp1hlPQ1LXbcp7frq+oqJUAlCVdN28vygrCqKzDipK0qVAMGCgAgWGPdwlSIAAjrAWDCY9jxhH4PkXCkJmzk9kHnvIZSyRj2AoNoIAaRRmA4JA6D8B9gkgMJOB5RlIBIN0igDJpHyKPJvGor0YDgvoOkkoglSQEQBA4I2MRw4VSDM+dxiVCROAoUgQA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
1
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/gif
pageview
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NhyARgCwB0AtiAGYwB2EXG0K4A9qgj0AZKEiwEiAMbIRojlBCoYIJugiFMxAOwAhalUWi+ufsggB9CSAAm-
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/gif
cmp
events.bouncex.net/track.gif/
42 B
233 B
Image
General
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=E4UwNg9ghgJgwlAtgBygSwOYDsDOA1AJgF4BGAMkQhhCIAYyB3EAIxzQBcQ0YiB2AVgDM-MgDc0bdt1K8ALAA5Bg3gE55K2b0X9ZZauIDGXHqpX9etAioIA2G7Rvz5tIQTKoMIcSAbTyOEABHAFcQLCNpNwMwNDD2KUQQHHYkZBkFJVV1O14yaNisFOQ0URBgNggsIhSMQT0vNCMiGDJ2AAs0YBgAfVRgdgBPbuSIYChPbpgJKGYwEB4AMygwANaALwgiAFoSAnocCGDgJqZmMnG4omCA4CA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame CA16
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
822 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8350f13ddbccf0270ffb39d050af395ab69ad23d1fa7a3f9c8acb796f5da0036

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
9464789449962908-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fi4Oe59QkTSPvgoITS5fVyM1JrHxL5uVCMr4loLayDApPsJ75p21QE6G8eIvdSGoGt4hzlUO0yce9ydhKD5%2FhZl4AqmzyqUkM60uYQud3cUTt01p2mgDGo7h1Q9tad9%2F9mwBEbHeXqRX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
9464789419322908-AMS
content-length
0
date
Tue, 27 May 2025 09:26:29 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKcC8sKTX9ZuLs%2Ba1pD441NKZ4Recq9YZhlINxsbhiEnccimr%2FVLx3LW16ocUN8NHaHXoe8sjaumEU1d4NTyoDNLBBAHh5RmM0nT6UDTcpsn4TKbRbCohyErv%2BBChuJhFN4lqpwd7%2Bmi4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 90CF
44 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
7b230772796291d29a31c3fb51dc288307930477a442296c33aa21cdce751bb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east

Response headers

cache-control
max-age=79143
content-encoding
gzip
expires
Wed, 28 May 2025 07:25:32 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11387
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Tue, 27 May 2025 07:25:32 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D03C
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65844012&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 27 May 2025 09:26:29 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame 90CF
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
9db1556130a9e92b896eecae836f6a70
content-length
7
content-type
application/json; charset=UTF-8
casale
match.adsrvr.org/track/cmf/ Frame CA16
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

content-length
70
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/gif
server
Kestrel
dcm
s.amazon-adsystem.com/ Frame CA16
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-137.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
3QKCJDSPW8PDA1W9PFH4
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 27 May 2025 09:26:30 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gpp=&gpp_sid=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
MVGD1T606R3S9JCD1APT
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 27 May 2025 09:26:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
31327
i.liadm.com/s/ Frame CA16
0
208 B
Image
General
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aDWFRVVbLV8ADimOAtreVwAA%265181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.216.139.205 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-13-216-139-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Tue, 27 May 2025 09:26:30 GMT
trace-id
4239d93d1f5554ca
Request-Time
0
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame CA16
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 27 May 2025 09:26:29 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
crum
dsum-sec.casalemedia.com/ Frame CA16
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4eb5c132d295449fabcfed9d52b5bab0&expiration=1750929989
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4eb5c132d295449fabcfed9d52b5bab0&expiration=1750929989
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nl3Zekv9QYgDcyQeNGbzRX6fkNHZPsJcEt8tYaXE5H9kywFTIykrYaAR1wHE7DugzohJb6g4Tm9s2JU6NN%2FQwtfzyxwI6%2FiS9glautjHpvjExoGyJTa%2B10dUVhC2UX%2F33U4m9OwnOja9cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:29 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
946478950a9666a0-AMS
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4eb5c132d295449fabcfed9d52b5bab0&expiration=1750929989
pragma
no-cache
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-length
0
x-xss-protection
1; mode=block
date
Tue, 27 May 2025 09:26:29 GMT
content-type
text/html;charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame CA16
Redirect Chain
  • https://s.c.appier.net/index?userId=aDWFRVVbLV8ADimOAtreVwAA%265181&gdpr=&us_privacy=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=GDuFlnlkCPuMKW1oRoU1aA&gdpr=1
43 B
760 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=GDuFlnlkCPuMKW1oRoU1aA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25fC123kcd7klWRMoZIHezaeZ12ztM%2Fk6850aJNfkptvKZlWwEx6mHpOFsq7VBGbFcFEUh7HW98AqZzWvXwR1PYM6hNHspucnS0699gTxKJc0JoAk49V9F6qfwemI6OTJ8Rh%2FciCltUdqw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
94647899bdda66a0-AMS
content-length
43
server
cloudflare

Redirect headers

Cache-Control
no-store
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=GDuFlnlkCPuMKW1oRoU1aA&gdpr=1
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Tue, 27 May 2025 09:26:30 GMT
Server
nginx
pixel
cm.g.doubleclick.net/ Frame CA16
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 27 May 2025 09:26:29 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EPyW6jbNbQ7Pu1Exdk7EM42OlxUZ9XOM%2BzDbS8iiThOISkoKv3SPI3wP1k1GeoEDCbHGV18nh9gCXX07hG1alIRthVOrLNyrpWvpK15%2FHl4kAtgiV9HaozTvZkF%2FN3cbCbireDmjVni1w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:29 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
94647894ca4a66a0-AMS
content-length
0
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame CA16
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1801426616012069664&expiration=1749547590
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1801426616012069664&expiration=1749547590
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bE9LbCH0cqtndeNM%2Bo6T8Ncn7mos55B9Fy%2B7nWmy0%2BYlWMR2MwwR2PpxNQrROSlfjKpQdyFFzdBHA368%2F11cAXJqyM%2Fkidqwg84QYGUOv5I3uqbYs2NtVCft0N7qgOCxTrViGXWFPuXy9A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
94647895aaf666a0-AMS
content-length
43
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1801426616012069664&expiration=1749547590
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Tue, 27 May 2025 09:26:29 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
htw-pixel.gif
cdn.indexww.com/ht/ Frame CA16
43 B
224 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?aDWFRVVbLV8ADimOAtreVwAA%265181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
public, max-age=86400
cf-cache-status
HIT
etag
"2b-546dc3a097100"
age
19021
cf-ray
94647894ae8b37c0-AMS
expires
Wed, 28 May 2025 09:26:29 GMT
accept-ranges
bytes
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:29 GMT
edge-control
cache-maxage=1h
content-type
image/gif
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
vary
Accept-Encoding
server
cloudflare
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
2520
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-ams21050-AMS
x-cache-hits
2726
content-type
application/javascript
x-amz-id-2
2+XkBhGg+z3JEvVLS7BCp3tZdtqO0gqd9d7ShqgoK/iei131KtoIJHolgaOWERJubXbi1oaztIs=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1748337990.978273,VS0,VE0
via
1.1 varnish
x-amz-request-id
0AZ8ZD8YB7DV6H60
accept-ranges
bytes
access-control-allow-origin
*
abp
13
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
fraud-detect.js
cdn.taboola.com/scripts/
121 B
431 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age
27225
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-ams21050-AMS
x-cache-hits
18305
content-type
application/javascript
x-amz-id-2
K6QXy9weA7Xfk224lmYV4u0MhUL2zovgmRVv8E6uHDgqPPkwrbAYgyYiNgUeUh/l4S6PbHbjgNU=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1748337990.978334,VS0,VE0
via
1.1 varnish
x-amz-request-id
SZKMXPW7TK22GJAT
accept-ranges
bytes
access-control-allow-origin
*
abp
19
content-length
125
server
AmazonS3
x-amz-server-side-encryption
AES256
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/
3 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
"11d8569a7da0739259e3ac0b0d666e94"
x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
age
41
access-control-allow-methods
GET
x-cache
HIT
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
x-served-by
cache-ams21027-AMS
x-cache-hits
5
content-type
image/svg+xml
x-amz-id-2
FZcuiXxDz4WCz1Jk0GXCWxSosaIxeO21mlRSVbVXfOK5EUplDGEh12vjwKSAA1CetTS+SxXmq/jPm6yWQrfXmJDJt+V+FzD1
access-control-allow-headers
*
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-timer
S1748337990.987280,VS0,VE0
via
1.1 varnish
x-amz-request-id
62C1WHBKVS0Z9400
accept-ranges
bytes
access-control-allow-origin
*
abp
9
content-length
1502
server
AmazonS3
social
am-trc-events.taboola.com/timesinternetlimited-timesofindia/log/3/
0
249 B
Ping
General
Full URL
https://am-trc-events.taboola.com/timesinternetlimited-timesofindia/log/3/social?lti=trecs&ri=a6a1247a3df486ee623973d26d916460&sd=v2_7444efc51e9ae694ed0a4b0a0a968106_cd168cd1-ee0c-48fd-b6f2-b046cc287c3a-tuctf2f0ac5_1748337989_1748337989_CIi3jgYQ3YBkGMmvwojxMiABKAEwoQE4l-oLQJuXEEigg9sDUP___________wFYAGAAaKOgrbqQrOHF-gFwAIABAA&ui=cd168cd1-ee0c-48fd-b6f2-b046cc287c3a-tuctf2f0ac5&pi=%2F&wi=-6623866544784058407&pt=home&vi=1748337989577&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fsub4.mafinet.store%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22News%20-%20Breaking%20News%2C%20%20Latest%20News%2C%20India%20News%2C%20World%20News%2C%20Bollywood%2C%20Sports%2C%20Business%20and%20Political%20News%20%7C%20Times%20of%20India%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fstatic.toiimg.com%2Fphoto%2F47529300.cms%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://sub4.mafinet.store/

Response headers

access-control-allow-origin
https://sub4.mafinet.store
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 27 May 2025 09:26:30 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
pixel-taboola
www.temu.com/api/adx/cm/ Frame 7127
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=f6b454d7-b524-4e02-b908-e5de67fc002c-tuctf2f0ac6
0
608 B
Image
General
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=f6b454d7-b524-4e02-b908-e5de67fc002c-tuctf2f0ac6
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Server
104.18.43.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
yak-timeinfo
1748337990192|3
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
cf-ray
946478968cca294e-AMS
x-gateway-request-id
1748337990192-69f018b07a5427fbfe1084eb491143db-20
cip
185.65.134.154
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 27 May 2025 09:26:30 GMT
server
cloudflare

Redirect headers

x-fastly-to-nlb-rtt
12749
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=f6b454d7-b524-4e02-b908-e5de67fc002c-tuctf2f0ac6
date
Tue, 27 May 2025 09:26:30 GMT
server
nginx
access-control-allow-credentials
true
setuid
ib.adnxs.com/ Frame 7127
0
0

munified.htm
ade.clmbtech.com/cde/2658/3/
7 B
256 B
Fetch
General
Full URL
https://ade.clmbtech.com/cde/2658/3/munified.htm
Requested by
Host: static.clmbtech.com
URL: https://static.clmbtech.com/ad/commons/js/2658/toi/colombia_v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f546 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
cache-control
private
x-identifier
36995312-ddc8-40d7-8582-f5dfa7fc0a59
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
7
x-xss-protection
1; mode=block
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/plain;charset=ISO-8859-1
content-disposition
inline;filename=f.txt
server
Bhoot
x-frame-options
sameorigin
ads
pagead2.googlesyndication.com/gampad/
498 B
246 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=692032044955955&correlator=2159367926662488&eid=31092678%2C95353384%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23037861279%2CTOI_WEB%2CTOI_WEB_HOME%2CTOI_WEB_HOME_HP%2CTOI_WEB_HOME_HP_INNOV&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&dids=d371ff1b-7905-413a-97b5-b964ce&adfs=1002513966&sfv=1-0-45&ists=1&eri=1&sc=1&abxe=1&dt=1748337990296&lmt=1748337843&adxs=0&adys=17592&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsub4.mafinet.store%2F&vis=1&psz=1600x17591&msz=1600x0&fws=1028&ohw=1600&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748337988587&idt=382&prev_scp=name%3D%2522gutter%2522%26failover%3D%255B%257B%2522adCode%2522%253A%2522%252F23037861279%252FTOI_WEB%252FTOI_WEB_HOME%252FTOI_WEB_HOME_HP%252FTOI_WEB_HOME_HP_SKINNER_LHS%2522%252C%2522size%2522%253A%255B%255B125%252C600%255D%252C%255B160%252C600%255D%252C%255B120%252C600%255D%255D%252C%2522divId%2522%253A%2522TOI_appgutter_left%2522%252C%2522perpetualRefresh%2522%253A1%257D%252C%257B%2522adCode%2522%253A%2522%252F23037861279%252FTOI_WEB%252FTOI_WEB_HOME%252FTOI_WEB_HOME_HP%252FTOI_WEB_HOME_HP_SKINNER_RHS%2522%252C%2522size%2522%253A%255B%255B125%252C600%255D%252C%255B160%252C600%255D%252C%255B120%252C600%255D%255D%252C%2522divId%2522%253A%2522TOI_appgutter_right%2522%252C%2522perpetualRefresh%2522%253A1%257D%255D&cust_params=amznbid%3D0%26amznp%3D0%26_uid2%3D0%26sg%3D%26aud_flag%3Dfalse%26Meta_Keywords%3DNews%252C%2520Breaking%2520news%252C%2520Latest%2520news%252C%2520Live%2520news%252C%2520Today%2520news%252C%2520News%2520Today%252C%2520India%2520news%252C%2520English%2520news%252C%2520Politics%2520news%252C%2520Top%2520news%2520in%2520India%26Content_URL%3Dhttps%253A%252F%252Ftimesofindia.indiatimes.com%26SCN%3Dhome%26Tmpl_SCN%3Dhome%26Channel%3Dtoi%26loggedin%3Dno&adks=177032085&frm=20&pbbce=1&td=1&tan=895c3671-8445-4a5a-b57d-54b06746a5f8&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
afcb991af201b252fd0a2598dc6d4e74e1d4837e19625cdaecfd13469c294a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
217
x-xss-protection
0
server
cafe
container.html
1eded9e14ce9ab5d9e8959151fc7e8be.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 2567
7 KB
3 KB
Document
General
Full URL
https://1eded9e14ce9ab5d9e8959151fc7e8be.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 09:26:30 GMT
expires
Tue, 27 May 2025 09:26:30 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pbjs
htlb.casalemedia.com/openrtb/
36 B
576 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1075035
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b530944ec82d1a27ab57edb07a162c96ceff7868e7fa47cae6828e38e214995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGc9VR67mgFUBIP46FNIJhv3piAJay7X5lLnyMq%2F32zabzmbSSzCInuyHW9ylmQb59fBKx8%2FhkMmn%2BtG6cjiHqFPdCDOYDXh2ISRR6cf3yzV%2FlvQUw0ObhL5BA0g9KGgGmKvfXPJ"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
94647897add79717-AMS
access-control-allow-origin
https://sub4.mafinet.store
content-length
36
server
cloudflare
pbjs
jambojar-prebid.attekmi.com/
2 B
245 B
Fetch
General
Full URL
https://jambojar-prebid.attekmi.com/pbjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.82.125 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Allow-Origin
https://sub4.mafinet.store
Content-Length
2
Date
Tue, 27 May 2025 09:26:30 GMT
Content-Type
application/json
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
prebid.htm
ade.clmbtech.com/cde/
0
0

prebidjs
rtb.openx.net/openrtbb/
53 B
297 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7aba8a29e54ca4b148b7aa5834b67a3ad9a3fd91ccf73b10658ea934b21d3ca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-forwarded-for
185.65.134.154
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/plain
vary
Origin
bid-request
a.teads.tv/hb/
16 B
404 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.149.198 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-149-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Tue, 27 May 2025 09:26:30 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
42
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json
vary
Accept-Encoding
timesinternet
direct.adsrvr.org/bid/bidder/
0
422 B
Fetch
General
Full URL
https://direct.adsrvr.org/bid/bidder/timesinternet
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:29 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
prebid
krk2.kargo.com/api/v1/
2 B
565 B
Fetch
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.233.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-233-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
nbr
532
access-control-allow-origin
https://sub4.mafinet.store
content-length
26
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json; charset=UTF-8
vary
Origin, Accept-Encoding
x-accel-expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
471 B
682 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=4642&site_id=534328&zone_id=3277360&size_id=15&p_pos=atf&eid_pubcid.org=101e4a03-a8a2-48de-adb3-b6f965015fda%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fsub4.mafinet.store%2F&kw=News%2C%20Breaking%20news%2C%20Latest%20news%2C%20Live%20news%2C%20Today%20news%2C%20News%20Today%2C%20India%20news%2C%20English%20news%2C%20Politics%20news%2C%20Top%20news%20in%20India&tg_i.domain=sub4.mafinet.store&tg_i.page=https%3A%2F%2Fsub4.mafinet.store%2F&tg_i.documentLang=en&tg_i.pbadslot=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_1_HD&tk_flint=pbjs_lite_v9.43.0&x_source.tid=393cf26e-aa35-4652-8505-c95552067e3e&l_pb_bid_id=17d516e3e8c750b&p_screen_res=1600x1200&rp_floor=0.55&rp_secure=1&x_imp.ext.tid=da91d6b7-66b6-42f7-86dd-a36fb0c6dde8&rp_maxbids=1&p_gpid=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_1_HD&m_ch_mobile=%3F0&slots=1&rand=0.16841310693785916
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
73305563d26216f7d533844a1068d0bb3be1a590326abd28d2be399806a78ac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
471
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
prebid
ib.adnxs.com/ut/v3/
53 B
620 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
185.65.134.154; 185.65.134.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://sub4.mafinet.store
an-x-request-uuid
45ef5429-80fd-4756-94c0-260086661898
content-length
53
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 27 May 2025 09:26:30 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebid
prebid.media.net/rtb/
0
0

request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/
0
225 B
Fetch
General
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.43.0&cb=74043889167&lsavail=1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::27 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:30 GMT
vary
Origin
server
Kestrel
v1
btlr.sharethrough.com/universal/
0
125 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://sub4.mafinet.store
access-control-allow-credentials
true
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/
0
266 B
Fetch
General
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1781492
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
0.0
x-envoy-upstream-service-time
2
x-timer
S1748337990.371817,VS0,VE5
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-cache
MISS
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams21045-AMS
server
nginx
x-cache-hits
0
x-nlb
nlb-bidder401
/
prebid.smilewanted.com/
0
334 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
94647897dce81606-AMS
expires
-1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:30 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
api.w.inmobi.com/openrtb/bidder/
0
0

auction
bidding.rediads.com/openrtb2/
278 B
633 B
Fetch
General
Full URL
https://bidding.rediads.com/openrtb2/auction
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.126.254.234 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
d03daa219cb460fae76caf98ffe562290fb427e443d748d8dbc250369c774574

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://sub4.mafinet.store
content-length
278
date
Tue, 27 May 2025 09:26:31 GMT
x-prebid
pbs-go/1.4.6
content-type
application/json
vary
Origin
translator
hbopenbid.pubmatic.com/
0
283 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 May 2025 09:26:30 GMT
server
nginx
config
c.amazon-adsystem.com/cdn/prod/
946 B
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5025&u=https%3A%2F%2Fsub4.mafinet.store
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d2dae21f9129a58eab4e0a44f21317af32fee82552774a9f5106464e64816775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
946
x-amz-cf-id
4wVScREgrZddHfIkcEM-BLGTgV5ieJmjtQFZa24zkxt_zSyc_ij7vA==
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
66 B
418 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5025&u=https%3A%2F%2Fsub4.mafinet.store%2F&pid=95tafoJfZIcWJ&cb=0&ws=1600x1200&v=25.520.1758&t=1200&slots=%5B%7B%22sd%22%3A%221517220297485%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_1_HD%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A55%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.123.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-123-205.fra60.r.cloudfront.net
Software
Server /
Resource Hash
854c59da152f6eee070e91bfcae8848f37d50546b827990c541e097d1b28a3e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
83
x-amz-cf-id
WzaSg_vtgJ-0CA90xDQTa1PRBuQ1297dijdmYvYlU3e9tKoW3F2ERQ==
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA60-P2
server
Server
onBidderError
sync.inmobi.com/report/
0
0
Fetch
General
Full URL
https://sync.inmobi.com/report/onBidderError
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:30 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials
true
72187.44335cb7.chunk.css
assets.toiimg.com/assets/
133 KB
22 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/72187.44335cb7.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2673fb5deeff168e256e67693d2e6277d60ae0cfa5654a215d66301138f48f7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"55dd84d0d2712be7ffe903a09055237f"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000667bba6cf02b5bdf-00683467df-ca65104b-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
21957
67872.d3ab8007.chunk.css
assets.toiimg.com/assets/
282 KB
41 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3bd381d3c51e44fbda0de9f48883e6dfaa66f34f6bacfb7e844053a617026801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"304c55bca98cb06950909a01ea6b3152"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx000004f2bf897e2ecfbbe-0068346614-ca5671eb-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
41241
11390.cc68f335.chunk.css
assets.toiimg.com/assets/
107 KB
8 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/11390.cc68f335.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e4912251f80ba5501fe283118f60a85646a827eb4dec7eb2a8ce1c3df64a2dfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"30705994a17e64d07b53c3f0f23068de"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Mon, 26 May 2025 12:59:01 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000066ea38179a6d02e-0068346856-ca65105f-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
7768
homedesktop-Home.e8de66f1.chunk.css
assets.toiimg.com/assets/
89 KB
16 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/homedesktop-Home.e8de66f1.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
807c4cdc5118b9e59d76d3d7133fed8337b0debd1de32d8fc58912d52db52845

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"9d4e7e2e2f857aa17d939646f193987f"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Mon, 26 May 2025 12:59:08 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000b4c7377432f96bcc-006834682b-ca567560-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
16242
87795.f1772a84.chunk.css
assets.toiimg.com/assets/
64 KB
11 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/87795.f1772a84.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c24b2d9d05410f1285f7a36b33391afe1c5e7ef323e9ac59107a9f0276daca79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"fdf2b3da0882f2eb799d5cdcdab720b5"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Wed, 07 May 2025 11:24:00 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000085e00280540cdcb-00681b42d0-ca4bd8f9-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
10560
server
Akamai Resource Optimizer
11024.72fda2fa.chunk.css
assets.toiimg.com/assets/
149 KB
18 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/11024.72fda2fa.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
10c5b124b2598952b9fafd7be47cc171a1f4ad274efa74e1a3127f34c3157967

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"351da40bc43cc8b984811f2769e649db"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Mon, 26 May 2025 12:59:01 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000572597b9ed8369c0-006834683b-ca54c974-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
18000
toihomeindiadesktoplayout_old.1bcdde22.chunk.css
assets.toiimg.com/assets/
12 KB
3 KB
Stylesheet
General
Full URL
https://assets.toiimg.com/assets/toihomeindiadesktoplayout_old.1bcdde22.chunk.css
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f553 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
0998dca75a30d72952cb98f60d313ee0b17c19f6e24a5ffd3125d18c3d42af55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"4673ca793a1c68618592b87501a5fe17"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/css
last-modified
Thu, 08 May 2025 11:34:00 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
x-amz-request-id
tx00000fdb49ebd4374b1a6-00681c96a7-ca4bd863-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
2409
server
Akamai Resource Optimizer
minify-1.cms
timesofindia.indiatimes.com/toiads_react_lazy/
26 KB
7 KB
Script
General
Full URL
https://timesofindia.indiatimes.com/toiads_react_lazy/minify-1.cms
Requested by
Host: timesofindia.indiatimes.com
URL: https://timesofindia.indiatimes.com/toiads_prebid/minify-1.cms
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-195.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
edcbe5b51d168442ae5ee884d041cdfc3558c80c5d68a2f4c2dc5b52f6cbc5a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"00264a844b4d6ac6df438b3abeff6126c"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Tue, 27 May 2025 10:18:05 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 27 May 2025 08:37:57 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=3095
x-cool
11.67
access-control-allow-credentials
false
quic-version
0x00000001
akamai-timesinternet-grn
0.03d53e17.1748337990.12ec9f2c
content-length
7032
content-language
en-US
server
Bhoot
/
geoapi.indiatimes.com/
90 B
580 B
Script
General
Full URL
https://geoapi.indiatimes.com/?cb
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:5b5::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3a37616963595af61c477cd624eb474636c82130f5dadf672031c0248160fd01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Edgescape-API
geo_region=155,country_code=NL,region_code=,city=AMSTERDAM, continent=EU
Pragma
no-cache
Connection
close
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Expires
Tue, 27 May 2025 09:26:30 GMT
Access-Control-Allow-Origin
*
Content-Length
90
Date
Tue, 27 May 2025 09:26:30 GMT
Content-Type
text/html
Access-Control-Allow-Headers
*
bootstrap-modern_es6_module.33bc7268.js
assets.toiimg.com/assets/
84 KB
30 KB
Script
General
Full URL
https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ea571a6e709709970ede3648dcb5986981f917e2b95d7201dd12b2c3cd16b9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"cefae058ef53aacf190598657e36b314"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:06 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000691f474a64876f1b-00683466a5-ca21fda2-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
30867
50886_es6_module.fcc1128a.js
assets.toiimg.com/assets/
150 KB
48 KB
Script
General
Full URL
https://assets.toiimg.com/assets/50886_es6_module.fcc1128a.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9093bcc7998d0fccbd7133a56be6972fccce28dd5f2e7d18b6df39d45c789c11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"bb895aa6997fe11106214061b8593876"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000dc9d82615f430777-00683465f7-d7d1651f-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
49145
73935_es6_module.8d61b5d9.js
assets.toiimg.com/assets/
121 KB
40 KB
Script
General
Full URL
https://assets.toiimg.com/assets/73935_es6_module.8d61b5d9.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a483f6d69afa4c272ef9adf00847d9aa347221e8768e038909c733e84c6f161e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"6de492f3ed2b97136a50aaf3912ca577"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx000002b3439c736aa3822-006834e610-ca54cbc7-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
40503
client_es6_module.d1fa8936.js
assets.toiimg.com/assets/
251 KB
47 KB
Script
General
Full URL
https://assets.toiimg.com/assets/client_es6_module.d1fa8936.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
96468c11c1b9d8b2793ae94c8817d0a2b39894b39cafe2904dcbf318887ab8aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"3b381867058b10396292ee46502be32b"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 16:36:06 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000fff4b7ca36cd98b7-00683490f1-ca651226-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
48330
server
Akamai Resource Optimizer
homedesktop-Home_es6_module.62375191.chunk.js
assets.toiimg.com/assets/
125 KB
32 KB
Script
General
Full URL
https://assets.toiimg.com/assets/homedesktop-Home_es6_module.62375191.chunk.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29f16516d34f5cd4f519b28775948fe92b0c2e89500f44e408edc47378bd79de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"e0a0b65b3fb3c33a3be81f4f6d1a8a70"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:08 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000a54d570adbe83f47-0068346716-ca21ff32-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
32544
homedesktop_es6_module.3a23411c.chunk.js
assets.toiimg.com/assets/
28 KB
6 KB
Script
General
Full URL
https://assets.toiimg.com/assets/homedesktop_es6_module.3a23411c.chunk.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e01ea6dcedd350c6a0b0549090a07e8af16816ea1c7ab278dc06336794c0f92f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"668e525f5741bb77fec6e942b665ad14"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 14:50:10 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000f3eeb663aa596f9b-0068347713-ca54cc80-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
6393
server
Akamai Resource Optimizer
toihomeindiadesktoplayout_old_es6_module.de3f3a6e.chunk.js
assets.toiimg.com/assets/
49 KB
18 KB
Script
General
Full URL
https://assets.toiimg.com/assets/toihomeindiadesktoplayout_old_es6_module.de3f3a6e.chunk.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e3fb205ae4edd2e1b5ed11897507f489467dfdbacf7304b8a9af739fa6130a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://sub4.mafinet.store
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"ea2b87cae3bad90eafa829a6d1095496"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:12 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000fb64d23ec2bed736-0068346716-d7d1651f-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
18121
version-29,minify-1.cms
timesofindia.indiatimes.com/grxpushnotification_js/
41 KB
10 KB
Script
General
Full URL
https://timesofindia.indiatimes.com/grxpushnotification_js/version-29,minify-1.cms?fromreact=true
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-195.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
bfca1708d1338e3558b11dc2ef9fc686aefd790aff4e083a09ef147ecd7dbac1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"003d7cf14b72e73477c99d1a082eb8c3c"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Tue, 27 May 2025 10:05:11 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:30 GMT
last-modified
Tue, 27 May 2025 08:45:19 GMT
content-type
application/javascript;charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=2321
x-cool
11.64
access-control-allow-credentials
false
quic-version
0x00000001
akamai-timesinternet-grn
0.03d53e17.1748337990.12ec9f37
content-length
10509
content-language
hu-HU
server
Bhoot
minify-1,version-14.cms
timesofindia.indiatimes.com/locateservice_js/
3 KB
1 KB
Script
General
Full URL
https://timesofindia.indiatimes.com/locateservice_js/minify-1,version-14.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-195.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
fe99bd13111c17ff267800c15725eaddf78980525a9b25a629370874fd10927a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"0eeaa9f5f0ae0d286e8d95448ad67c17e"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Mon, 27 Apr 2026 01:35:56 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:30 GMT
last-modified
Thu, 09 Jan 2025 19:13:59 GMT
content-type
application/javascript;charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=28915766
x-cool
11.55
access-control-allow-credentials
false
quic-version
0x00000001
akamai-timesinternet-grn
0.03d53e17.1748337990.12ec9f3b
content-length
995
content-language
en-US
server
Bhoot
minify-1,version-2.cms
timesofindia.indiatimes.com/aqiscript/
512 B
285 B
Script
General
Full URL
https://timesofindia.indiatimes.com/aqiscript/minify-1,version-2.cms
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-195.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
30dc8eeda672b11a230e073b3e7af3631f7c1d59df5a834c6df0cf601012ae4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
x-content-header
br
content-encoding
br
etag
W/"03d0440fa21bf41ef058199781e7e303d"
access-control-allow-methods
GET,POST
content-msg
DATA_SERVED_FROM_CACHE
expires
Thu, 14 May 2026 07:04:43 GMT
alt-svc
h3=":443"; ma=93600
date
Tue, 27 May 2025 09:26:30 GMT
last-modified
Fri, 20 Dec 2024 06:28:00 GMT
content-type
application/javascript;charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept
strict-transport-security
max-age=86400
content-security-policy
frame-ancestors 'self' https://*.timesinternet.in https://*.sli.ke https://economictimes.indiatimes.com https://navbharattimes.indiatimes.com https://m.timesofindia.com https://m.economictimes.com https://gadgetsnow.com https://www.gadgetsnow.com https://gadgetsnow.indiatimes.com https://www.google.com https://google.com https://static-toiimg-com.cdn.ampproject.org https://m-timesofindia-com.cdn.ampproject.org https://www.newspointapp.com https://timesofindia.indiatimes.com https://auto.timesofindia.com https://timesofindia-indiatimes-com.cdn.ampproject.org https://vijaykarnataka.com https://*.samayam.com https://*.iamgujarat.com https://*.indiatimes.com;
cache-control
public, must-revalidate, max-age=30404293
x-cool
11.59
access-control-allow-credentials
false
quic-version
0x00000001
akamai-timesinternet-grn
0.03d53e17.1748337990.12ec9f3c
content-length
252
content-language
en-GB
server
Bhoot
111189406.cms
static.toiimg.com/photo/
1 KB
611 B
Image
General
Full URL
https://static.toiimg.com/photo/111189406.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/homedesktop-Home.e8de66f1.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
bf5433f79ccc83e994c58040a572519fc854ab99102581689159ce368be268ce
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

content-encoding
gzip
etag
1112
appgn
17224404101231721021704433
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 20:23:17 GMT
alt-svc
h3=":443"; ma=93600
imagemagick_im4java
1
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-disposition
inline; filename=111189406.svg
x-frame-options
sameorigin, sameorigin
cache-control
public, must-revalidate, max-age=30452207
quic-version
0x00000001
content-length
575
x-xss-protection
1; mode=block, 1; mode=block
server
Bhoot
109062207.cms
static.toiimg.com/photo/
12 KB
12 KB
Image
General
Full URL
https://static.toiimg.com/photo/109062207.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
57b237923c2df495c817c75b6f16ce07131c74dcea7f525e25476480e8a15591
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

cache-control
public, must-revalidate, max-age=30452207
etag
15727
x-content-type-options
nosniff, nosniff
appgn
17229387401231742448603923
expires
Thu, 14 May 2026 20:23:17 GMT
alt-svc
h3=":443"; ma=93600
imagemagick_im4java
1
content-length
12102
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
108997258.cms
static.toiimg.com/photo/
5 KB
5 KB
Image
General
Full URL
https://static.toiimg.com/photo/108997258.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
e86dcdf775f361b35fe4223fc9e64a822d7338fe5ee6ee3acdfcf6907890233a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

cache-control
public, must-revalidate, max-age=30452207
etag
5753
appgn
17224408901231741588609643
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 20:23:17 GMT
alt-svc
h3=":443"; ma=93600
content-length
5230
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
108707621.cms
static.toiimg.com/photo/
43 KB
43 KB
Image
General
Full URL
https://static.toiimg.com/photo/108707621.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
9324000154038963209220c38419f0355e96e71b556ddc2392e0b577cdb22aca
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

cache-control
public, must-revalidate, max-age=30452658
etag
153501
x-content-type-options
nosniff, nosniff
appgn
17224409001231734947610646
expires
Thu, 14 May 2026 20:30:48 GMT
alt-svc
h3=":443"; ma=93600
imagemagick_im4java
1
content-length
43984
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
90225317.cms
static.toiimg.com/photo/
4 KB
4 KB
Image
General
Full URL
https://static.toiimg.com/photo/90225317.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
1fb602f25eb30de14fd6bb13eb1479bc70b9a272a898058b54345245075e9759
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

cache-control
public, must-revalidate, max-age=30452207
etag
33820
appgn
17229386501231708673535285
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 20:23:17 GMT
alt-svc
h3=":443"; ma=93600
content-length
3916
imagemagick_im4java
1
x-xss-protection
1; mode=block, 1; mode=block
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/webp
server
Bhoot
quic-version
0x00000001
x-frame-options
sameorigin, sameorigin
119591206.cms
static.toiimg.com/photo/
21 KB
15 KB
Image
General
Full URL
https://static.toiimg.com/photo/119591206.cms
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/67872.d3ab8007.chunk.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.20.245.202 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-202.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
b1fbd89b922842ae2fb58d8f82fe8c2347394ddf802da9da3cf80964ba7d6efe
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://assets.toiimg.com/

Response headers

content-encoding
gzip
etag
21430
appgn
172247716101231743585227512
x-content-type-options
nosniff, nosniff
expires
Thu, 14 May 2026 20:30:48 GMT
alt-svc
h3=":443"; ma=93600
imagemagick_im4java
1
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-disposition
inline; filename=119591206.svg
x-frame-options
sameorigin, sameorigin
cache-control
public, must-revalidate, max-age=30452658
quic-version
0x00000001
content-length
15617
x-xss-protection
1; mode=block, 1; mode=block
server
Bhoot
request_worker.js
sub4.mafinet.store/assets/
0
0

46066_es6_module.a12751b1.chunk.js
assets.toiimg.com/assets/
54 KB
14 KB
Script
General
Full URL
https://assets.toiimg.com/assets/46066_es6_module.a12751b1.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18cebffd0e383b35baa60a7a20e6ba732dcb13fc77d92d63bb092f27ccaa21dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"8c6cfa6d4a617c560b44204d2555ad19"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Tue, 13 May 2025 12:46:20 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000bddd99ae47b587e2-0068236001-ca54cb3b-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
14102
83172_es6_module.7af64108.chunk.js
assets.toiimg.com/assets/
27 KB
8 KB
Script
General
Full URL
https://assets.toiimg.com/assets/83172_es6_module.7af64108.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fdc3798abcf59936be8b282244028638433fdc55c0230064cc4ee4ba9eb10653

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"876f6729c95a0499d4636ad57bd88015"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Wed, 21 May 2025 09:42:42 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000089a65b62eadc6c5a-00682d9bec-ca650ee3-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
8302
server
Akamai Resource Optimizer
67142_es6_module.c03be9d4.chunk.js
assets.toiimg.com/assets/
29 KB
7 KB
Script
General
Full URL
https://assets.toiimg.com/assets/67142_es6_module.c03be9d4.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4f6eccbb942003c2996a11d2f2bda19b68ea6438ef59ee20e2bc5a01e18a37d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"4fe808df991ed5de762a5e618d7aa1a6"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000cded34e968a82bb6-00683466a7-ca6511e0-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
7525
96705_es6_module.13e79f47.chunk.js
assets.toiimg.com/assets/
73 KB
21 KB
Script
General
Full URL
https://assets.toiimg.com/assets/96705_es6_module.13e79f47.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41cccface0eb95ab37019c6ff3052453307f0e75d25fe28be3af7c7bdc611633

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"d6b1753172267268fa853fe9a44bdf92"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:04 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000034fd7bbc8797f3a3-00683466a7-ca5671eb-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
21527
23255_es6_module.dbeba071.chunk.js
assets.toiimg.com/assets/
58 KB
18 KB
Script
General
Full URL
https://assets.toiimg.com/assets/23255_es6_module.dbeba071.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3985ab33cf69c0aa10150fa6eff89d99d13dff61a910873ba7913e4bc4b1c785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"9ac21242291f9cb320c6f4dc63e0b2c7"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx000009a0d3b7a4d454a78-00683466a9-ca6511e0-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
18370
29896_es6_module.887b3d6c.chunk.js
assets.toiimg.com/assets/
38 KB
12 KB
Script
General
Full URL
https://assets.toiimg.com/assets/29896_es6_module.887b3d6c.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e5c9ba0e85eaa4e43adaf094ba83d82672250b2942ca99b15b9b7b5a1fccb7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"a43f8268a598cca6e490691b6f39d16e"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx000001ffde594abdffe89-00683466b1-ca21fda2-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
11751
62822_es6_module.d95f2fbb.chunk.js
assets.toiimg.com/assets/
37 KB
12 KB
Script
General
Full URL
https://assets.toiimg.com/assets/62822_es6_module.d95f2fbb.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d70bd75aaefb0cdbcb4941c0204257debd84c42dd2c11702c190c6647dcb1d9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"024949626323a1c101617bb89ba774d5"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx000008b1ef7698f90db3d-00683466ab-ca6511e0-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
11986
72187_es6_module.4be5f716.chunk.js
assets.toiimg.com/assets/
87 KB
21 KB
Script
General
Full URL
https://assets.toiimg.com/assets/72187_es6_module.4be5f716.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
160d4af69351e1058aad444c70ec5701d0817694615345db59e1d19866e6ec25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"d667d346ecefa8a4ee6d05c8ce3dcf55"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 17:46:03 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000077437ba081c6a078-006834a8da-ca650ee3-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
21764
server
Akamai Resource Optimizer
31071_es6_module.afaf25b1.chunk.js
assets.toiimg.com/assets/
54 KB
15 KB
Script
General
Full URL
https://assets.toiimg.com/assets/31071_es6_module.afaf25b1.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2731269be65668b90daa05fec534f2fc259405ab7a02e42ae1a833f807a973e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"3a894004ce6276fad320f2876fd6f884"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx000006b95d02142d0c322-00683466b1-ca651226-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
15723
30815_es6_module.885e057e.chunk.js
assets.toiimg.com/assets/
55 KB
16 KB
Script
General
Full URL
https://assets.toiimg.com/assets/30815_es6_module.885e057e.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81abaf253966d60ac0886b1222aea07fc8ebe39fb655044ca6fa6e544a58e31c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"d37cf6320119268a0116e9058106c6cf"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:02 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000099bf4a33544636a2-00683466bd-ca6511e0-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
15844
68706_es6_module.e4983501.chunk.js
assets.toiimg.com/assets/
38 KB
12 KB
Script
General
Full URL
https://assets.toiimg.com/assets/68706_es6_module.e4983501.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b068189c3d9b7418c858bb5921b8277cc4cf3a4d5e2cc32fe1951159b7c356d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
"b2756b397bb25439bf0e111fbf096c95"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 12:59:03 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000098de46cfee7f5078-00683466d0-ca651d3e-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
12699
87703_es6_module.2db340b5.chunk.js
assets.toiimg.com/assets/
30 KB
9 KB
Script
General
Full URL
https://assets.toiimg.com/assets/87703_es6_module.2db340b5.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
cc23363f8dce2cf1741f3c64318c5b3ccbe4d545536170fdd99b87a81b5329c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"b1059f0d274494d691ed789ce77e412a"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Tue, 27 May 2025 02:42:45 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx00000fcb0a966f1c4821a-0068347be6-ca21fda2-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
8708
server
Akamai Resource Optimizer
67872_es6_module.3fc56c57.chunk.js
assets.toiimg.com/assets/
135 KB
31 KB
Script
General
Full URL
https://assets.toiimg.com/assets/67872_es6_module.3fc56c57.chunk.js
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/assets/bootstrap-modern_es6_module.33bc7268.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.38.98.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-38-98-242.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0130d62aac9eefa4e8a2d05efb50a1402ec9d0b54a31d177d223607c94c4736a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"e8a50759f5b0490e6f5f4a5b1d2dd133"
access-control-allow-methods
GET,POST
expires
Thu, 26 Jun 2025 09:26:30 GMT
alt-svc
h3=":443"; ma=93600
x-rgw-object-type
Normal
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 18:05:30 GMT
access-control-allow-headers
*
cache-control
max-age=2592000
access-control-allow-credentials
false
quic-version
0x00000001
x-amz-request-id
tx0000016589348c8f946ac-006834aa5b-ca21fb9a-default
accept-ranges
bytes
access-control-allow-origin
*
content-length
31621
server
Akamai Resource Optimizer
bulk
trc.taboola.com/timesinternetlimited-timesofindia/log/3/
0
297 B
Ping
General
Full URL
https://trc.taboola.com/timesinternetlimited-timesofindia/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=21308&tvi62=21427&cv=20250527-3-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timesinternetlimited-timesofindia/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://sub4.mafinet.store/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 27 May 2025 09:26:30 GMT
content-type
image/gif
x-served-by
cache-ams21027-AMS
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
760
pragma
no-cache
x-timer
S1748337991.994297,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-service-version
v1
server
nginx
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
675 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
3227
x-cache
HIT
date
Tue, 27 May 2025 09:26:30 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-ams21027-AMS
x-cache-hits
345
content-type
image/png
x-amz-id-2
MJRIB7Ue5ULjcr6QTTUmOUZhKoYyj4SS9tzDBGktdQu8Q3QTHxwk7F7g67v+fJH3gZEPmyUR4YU=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1748337991.995578,VS0,VE0
via
1.1 varnish
x-amz-request-id
2ASEWRJA41KKNF6Q
accept-ranges
bytes
access-control-allow-origin
*
abp
54
content-length
254
server
AmazonS3
reloadcampaigns
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHuCFhJoshEAH1QsERnEU0ONAxC8erAMwBBVQDMoYHCr4cAIgDJQkWAhTps+LEhDMqNeowvho8JKky48EgBPZGcBIRExSRBpLFl5RWVPKxgAYV87XAA1HmYARjNECBhnAAYzAHcQOkUSEDQYZnYAVnVmswS0YUa89gAWAA51dXYATgHRvvYh5r6zEvk4esax0eb2Up5RngA2HdKdgYHS1p4zVAwQeRAKhvyzQwBHMSwlu-UzODA0ECFhRCYJF8+X6QxGo1GeSmO0+31+QOQaAoIGAikEzCBGA+CzQS2YMDMJAAFmhgDBxKhgMFxKQIMAoJdxDAFO4QI09AYQISAF4QZgAWjyPHKOAghGAeKqdDMDPhzGIKKAA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:31 GMT
content-type
image/gif
prebid
ib.adnxs.com/ut/v3/
53 B
620 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
185.65.134.154; 185.65.134.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://sub4.mafinet.store
an-x-request-uuid
31415acd-97e7-40f6-a170-537a33228226
content-length
53
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 27 May 2025 09:26:31 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
fastlane.json
fastlane.rubiconproject.com/a/api/
491 B
525 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=4642&site_id=534328&zone_id=3277360&size_id=9&alt_size_ids=8&p_pos=btf&eid_pubcid.org=101e4a03-a8a2-48de-adb3-b6f965015fda%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fsub4.mafinet.store%2F&kw=News%2C%20Breaking%20news%2C%20Latest%20news%2C%20Live%20news%2C%20Today%20news%2C%20News%20Today%2C%20India%20news%2C%20English%20news%2C%20Politics%20news%2C%20Top%20news%20in%20India&tg_i.domain=sub4.mafinet.store&tg_i.page=https%3A%2F%2Fsub4.mafinet.store%2F&tg_i.documentLang=en&tg_i.pbadslot=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_LHS&tk_flint=pbjs_lite_v9.43.0&x_source.tid=4ce9a6c9-d1ea-4812-8ba7-bc04e1bff885&l_pb_bid_id=4079f609877e1af&p_screen_res=1600x1200&rp_floor=0.55&rp_secure=1&x_imp.ext.tid=6a5f5025-8c5d-4324-86e0-259625ec81b8&rp_maxbids=1&p_gpid=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_LHS&m_ch_mobile=%3F0&slots=1&rand=0.5453149224851088
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
6a4e349ba0a587d736193ca6d9fa058eb5bea47b509bd0d65745154492a03645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
491
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
491 B
548 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=4642&site_id=534328&zone_id=3277360&size_id=9&alt_size_ids=8&p_pos=btf&eid_pubcid.org=101e4a03-a8a2-48de-adb3-b6f965015fda%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fsub4.mafinet.store%2F&kw=News%2C%20Breaking%20news%2C%20Latest%20news%2C%20Live%20news%2C%20Today%20news%2C%20News%20Today%2C%20India%20news%2C%20English%20news%2C%20Politics%20news%2C%20Top%20news%20in%20India&tg_i.domain=sub4.mafinet.store&tg_i.page=https%3A%2F%2Fsub4.mafinet.store%2F&tg_i.documentLang=en&tg_i.pbadslot=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_RHS&tk_flint=pbjs_lite_v9.43.0&x_source.tid=4ce9a6c9-d1ea-4812-8ba7-bc04e1bff885&l_pb_bid_id=410dce39ff690c6&p_screen_res=1600x1200&rp_floor=0.55&rp_secure=1&x_imp.ext.tid=d41056cc-4e8a-4262-ac85-f7375ea6bd95&rp_maxbids=1&p_gpid=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_RHS&m_ch_mobile=%3F0&slots=1&rand=0.710223122081256
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
1dc041c43853e772b529d9e8ea6e12ed88e88ebe4f8d5c0b41d8c81ee27d6b0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
491
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/
0
224 B
Fetch
General
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.43.0&cb=27804165770&lsavail=1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::27 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:31 GMT
vary
Origin
server
Kestrel
/
prebid.smilewanted.com/
0
61 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
9464789eea981606-AMS
expires
-1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:31 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
38 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
9464789eea9c1606-AMS
expires
-1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:31 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
api.w.inmobi.com/openrtb/bidder/
0
0

bid-request
a.teads.tv/hb/
16 B
404 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.149.198 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-149-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Tue, 27 May 2025 09:26:31 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
42
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
124 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://sub4.mafinet.store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
124 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://sub4.mafinet.store
access-control-allow-credentials
true
pbjs
jambojar-prebid.attekmi.com/
2 B
245 B
Fetch
General
Full URL
https://jambojar-prebid.attekmi.com/pbjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.82.125 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Allow-Origin
https://sub4.mafinet.store
Content-Length
2
Date
Tue, 27 May 2025 09:26:31 GMT
Content-Type
application/json
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
pbjs
htlb.casalemedia.com/openrtb/
37 B
538 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1075035
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fd2a90e14b038e3ebbbe946718c7ab9c7e4a78bb23f87e25bbc4190708a5b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x763Jh29LcK9dX7gEmbSUyShs%2BlePWRgjcAwrTQqvDLUyNYaUUVOMkzyMy1O3E5K8N24g2qLu74P4sMsJAMMhkQziF5FcNn5bPbHcO7%2FZNCNVTpSjeS8OM5JvQxH8b9Lf4oGVEr4"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
9464789efee89717-AMS
access-control-allow-origin
https://sub4.mafinet.store
content-length
37
server
cloudflare
timesinternet
direct.adsrvr.org/bid/bidder/
0
422 B
Fetch
General
Full URL
https://direct.adsrvr.org/bid/bidder/timesinternet
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
auction
bidding.rediads.com/openrtb2/
261 B
616 B
Fetch
General
Full URL
https://bidding.rediads.com/openrtb2/auction
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.126.254.234 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a3862d17481e642a5e2e0f039f98c54e6159f1ab090fcba069e2d4054af9d926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://sub4.mafinet.store
content-length
261
date
Tue, 27 May 2025 09:26:31 GMT
x-prebid
pbs-go/1.4.6
content-type
application/json
vary
Origin
prebid
prebid.media.net/rtb/
0
0

translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 May 2025 09:26:31 GMT
server
nginx
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/
0
85 B
Fetch
General
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1781492
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
0.0
x-envoy-upstream-service-time
3
x-timer
S1748337992.514893,VS0,VE5
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-cache
MISS
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams21045-AMS
server
nginx
x-cache-hits
0
x-nlb
nlb-bidder404
prebidjs
rtb.openx.net/openrtbb/
53 B
131 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f3da558a3b5fc175b6f0049d88d0f924ff1afeb58ac2d66b0a99fb61564b403d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-forwarded-for
185.65.134.154
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 27 May 2025 09:26:30 GMT
content-type
text/plain
vary
Origin
config
c.amazon-adsystem.com/cdn/prod/
946 B
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5025&u=https%3A%2F%2Fsub4.mafinet.store
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d2dae21f9129a58eab4e0a44f21317af32fee82552774a9f5106464e64816775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
946
x-amz-cf-id
4wVScREgrZddHfIkcEM-BLGTgV5ieJmjtQFZa24zkxt_zSyc_ij7vA==
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
25 B
379 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5025&u=https%3A%2F%2Fsub4.mafinet.store%2F&pid=95tafoJfZIcWJ&cb=1&ws=1600x1200&v=25.520.1758&t=1200&slots=%5B%7B%22sd%22%3A%22TOI_appgutter_left%22%2C%22s%22%3A%5B%22125x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_LHS%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A55%7D%2C%7B%22sd%22%3A%22TOI_appgutter_right%22%2C%22s%22%3A%5B%22125x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_RHS%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A55%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.123.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-123-205.fra60.r.cloudfront.net
Software
Server /
Resource Hash
f9407c584179c346760e40a7f07d14807fdd268510692529d44d0e2bd9379ac0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
w8RNwOatHv_HrpefiU1ss5QJWYYJ66dtRy9q7w9zl0KkeshNbimCrw==
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA60-P2
server
Server
log
navvy.media.net/
43 B
303 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:31 GMT
content-type
image/gif
ads
pagead2.googlesyndication.com/gampad/
30 KB
13 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=692032044955955&correlator=4112500058846932&eid=31092678%2C95353384%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23037861279%2CTOI_WEB%2CTOI_WEB_HOME%2CTOI_WEB_HOME_HP%2CTOI_WEB_HOME_HP_MREC_1_HD&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=2&dids=1517220297485&adfs=1782823928&sfv=1-0-45&eri=1&sc=1&abxe=1&dt=1748337991522&lmt=1748337843&adxs=1048&adys=238&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsub4.mafinet.store%2F&vis=1&psz=300x268&msz=300x0&fws=4&ohw=1600&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748337988587&idt=382&prev_scp=name%3D%2522mrec%2522%26size%3D%255B%255B300%252C250%255D%255D%26amznbid%3D2%26amznp%3D2&cust_params=_uid2%3D0%26sg%3D%26aud_flag%3Dfalse%26Meta_Keywords%3DNews%252C%2520Breaking%2520news%252C%2520Latest%2520news%252C%2520Live%2520news%252C%2520Today%2520news%252C%2520News%2520Today%252C%2520India%2520news%252C%2520English%2520news%252C%2520Politics%2520news%252C%2520Top%2520news%2520in%2520India%26Content_URL%3Dhttps%253A%252F%252Ftimesofindia.indiatimes.com%26SCN%3Dhome%26Tmpl_SCN%3Dhome%26Channel%3Dtoi%26loggedin%3Dno&adks=295926755&frm=20&gblpids=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_1_HD&pbbce=1&td=1&tan=895c3671-8445-4a5a-b57d-54b06746a5f9&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
81ab369d0a9c48819356fcd362356becb2f00d8ee4b22d038336c98024866156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
google-lineitem-id
6962112641
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 09:26:31 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138513354403
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
12831
x-xss-protection
0
server
cafe
onBidderError
sync.inmobi.com/report/
0
0
Fetch
General
Full URL
https://sync.inmobi.com/report/onBidderError
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:31 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials
true
log
navvy.media.net/
43 B
97 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:31 GMT
content-type
image/gif
fastlane.json
fastlane.rubiconproject.com/a/api/
468 B
502 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=4642&site_id=534328&zone_id=3277360&size_id=15&p_pos=btf&eid_pubcid.org=101e4a03-a8a2-48de-adb3-b6f965015fda%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fsub4.mafinet.store%2F&kw=News%2C%20Breaking%20news%2C%20Latest%20news%2C%20Live%20news%2C%20Today%20news%2C%20News%20Today%2C%20India%20news%2C%20English%20news%2C%20Politics%20news%2C%20Top%20news%20in%20India&tg_i.domain=sub4.mafinet.store&tg_i.page=https%3A%2F%2Fsub4.mafinet.store%2F&tg_i.documentLang=en&tg_i.pbadslot=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_2&tk_flint=pbjs_lite_v9.43.0&x_source.tid=3cdbc40a-dd57-49be-b0d3-918977b73fb3&l_pb_bid_id=824d45a9686e2f38&p_screen_res=1600x1200&rp_floor=0.55&rp_secure=1&x_imp.ext.tid=7e3ed658-a446-4bae-8a2d-f78dd0ab4d98&rp_maxbids=1&p_gpid=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_2&m_ch_mobile=%3F0&slots=1&rand=0.39450011640654437
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
e236eb814fa6918ca21cfe041b35eabc0e7738811c092cc47ccff586153856bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
468
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
/
prebid.smilewanted.com/
0
38 B
Fetch
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
9464789f2afe1606-AMS
expires
-1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:31 GMT
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 May 2025 09:26:31 GMT
server
nginx
timesinternet
direct.adsrvr.org/bid/bidder/
0
422 B
Fetch
General
Full URL
https://direct.adsrvr.org/bid/bidder/timesinternet
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
2.3
cache-control
private
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type
pbjs
htlb.casalemedia.com/openrtb/
36 B
538 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1075035
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d937d3a4d5c14f47139f4caf7c0c36eebaa941a6631b1a6afa1204f3e204ba3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpB7vd%2FtAFTdw9cu%2BTSaXmvZLQ1Z5PmP6V5N9O62irTLm9DaT%2BDHLKXiloxXI8x1BFcJXSh7xZMUdE3qdw3KxW3JaTIuOP9iy7G05umBNvQsNYIWujipJ2DT1m57PNe9oquo8ZJg"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
9464789f2f239717-AMS
access-control-allow-origin
https://sub4.mafinet.store
content-length
36
server
cloudflare
prebid
prebid.media.net/rtb/
0
0

pbjs
jambojar-prebid.attekmi.com/
2 B
245 B
Fetch
General
Full URL
https://jambojar-prebid.attekmi.com/pbjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.82.125 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

Access-Control-Allow-Origin
https://sub4.mafinet.store
Content-Length
2
Date
Tue, 27 May 2025 09:26:31 GMT
Content-Type
application/json
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
auction
bidding.rediads.com/openrtb2/
277 B
632 B
Fetch
General
Full URL
https://bidding.rediads.com/openrtb2/auction
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.126.254.234 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1a9a357a046068f9eb135fbd6c3df2a1dbefb6f02f75c58cfe53ada0e2476441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://sub4.mafinet.store
content-length
277
date
Tue, 27 May 2025 09:26:31 GMT
x-prebid
pbs-go/1.4.6
content-type
application/json
vary
Origin
bid-request
a.teads.tv/hb/
16 B
404 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.149.198 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-149-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Tue, 27 May 2025 09:26:31 GMT
access-control-allow-origin
https://sub4.mafinet.store
content-length
42
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json
vary
Accept-Encoding
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/
0
224 B
Fetch
General
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.43.0&cb=85401897966&lsavail=1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::27 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:31 GMT
vary
Origin
server
Kestrel
prebid
krk2.kargo.com/api/v1/
2 B
564 B
Fetch
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.233.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-233-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
nbr
532
access-control-allow-origin
https://sub4.mafinet.store
content-length
26
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json; charset=UTF-8
vary
Origin, Accept-Encoding
x-accel-expires
0
prebidjs
rtb.openx.net/openrtbb/
53 B
96 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
287699a4a5fc4621403871bc1e587edaee579c94c926d316fcf85025b359557a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
x-forwarded-for
185.65.134.154
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 27 May 2025 09:26:31 GMT
content-type
text/plain
vary
Origin
prebidjs
api.w.inmobi.com/openrtb/bidder/
0
0

auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/
0
46 B
Fetch
General
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1781492
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

x-openrtb-version
0.0
x-envoy-upstream-service-time
3
x-timer
S1748337992.547738,VS0,VE5
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://sub4.mafinet.store
x-cache
MISS
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-ams21045-AMS
server
nginx
x-cache-hits
0
x-nlb
nlb-bidder404
prebid.htm
ade.clmbtech.com/cde/
0
0

prebid
ib.adnxs.com/ut/v3/
53 B
620 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
185.65.134.154; 185.65.134.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://sub4.mafinet.store
an-x-request-uuid
7c9fbf72-d610-47ad-a8a0-cea68bc54960
content-length
53
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 27 May 2025 09:26:31 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
v1
btlr.sharethrough.com/universal/
0
124 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.159.236.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-236-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://sub4.mafinet.store
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/
946 B
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5025&u=https%3A%2F%2Fsub4.mafinet.store
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d2dae21f9129a58eab4e0a44f21317af32fee82552774a9f5106464e64816775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
946
x-amz-cf-id
4wVScREgrZddHfIkcEM-BLGTgV5ieJmjtQFZa24zkxt_zSyc_ij7vA==
date
Tue, 27 May 2025 09:26:28 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
25 B
382 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5025&u=https%3A%2F%2Fsub4.mafinet.store%2F&pid=95tafoJfZIcWJ&cb=2&ws=1600x1200&v=25.520.1758&t=1200&slots=%5B%7B%22sd%22%3A%2263a942c0f0b97eeabf1adff9%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_2%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A55%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.123.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-123-205.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5ba40df0b5475745c6ca953e7cbbdf7ee5feeaf3ea29782607c6dc31c6b0c173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
-OEKkBB0mVH1WLXqnTdAkxyJtBzfz9kbSNm3FqpHEpXGXXJ8N40Uqw==
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA60-P2
server
Server
onBidderError
sync.inmobi.com/report/
0
0
Fetch
General
Full URL
https://sync.inmobi.com/report/onBidderError
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
content-length
0
date
Tue, 27 May 2025 09:26:31 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials
true
view
pagead2.googlesyndication.com/pcs/ Frame 99F9
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuomnDBO82w6qpODemOd-k01xd_GcWkb3vXap8U02TSJhrwx72p79WdaA7h4JBaa9EXI_MrqEuDjZQLDkkEh-m8LhAQZr5-zj7kRYL0vAT5ehdwWJ0_5huP8ZcTuowMlnxrPPGjXQ67WmmIY6oGeSE5aqXhVZm5wBH7Qb0zcEIKEt8w809F4Kh0wVQMurQNdZrplOkiXh-PUDkRbIO2wWCqhtsI74oyT8DZxqxnGYEPhJhwjjbuuZrWCVxT3QPi0LW8R6p7iFb8IpfQ4ZXmHkMgdViznoHX_Oko4a_yWEXoHSWnO4n9eIQLcX8E9SyLCM_9_XcvfXog9JCpY5vUf52rvYnkgR435KAXWndUlrn-sbp03G3CUUryykLkADtS6vte11TR7STbV_y2SqMMEZPX7S-yylddp3TkElQO3tbc_d56xOfUgjyqp2y1zdfL1_zqOIPbnXRyBzpyW-LTOgkwMUWyxfbHIDzmO8mXWrS9M7uylzRnj3-ABVTeeZIg5w&sig=Cg0ArKJSzA2l2zVGm9uREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
hb_764624_22865.js
player.adtcdn.com/prebidlink/485649/ Frame 99F9
2 KB
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/485649/hb_764624_22865.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac9754a84208c728484246323297e341eccd7fbcf929439d3a90624d7b667e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=345600
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
"68348dfa-675"
age
759
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=38U5w84YXWCc881JHVgvIwdEr9zIl%2BLXgrwvKkx5f%2BuMhDzS1eigZiugTUgds6oKSa5HsbQn4fggTKyn85CA0eX0LLDnir3OIQkbaeKrDOicjuM6ZVsyrMbD0A%3D%3D"}]}
cf-ray
946478a19e96fb7d-AMS
expires
Tue, 27 May 2025 09:28:58 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 15:51:22 GMT
server
cloudflare
vary
accept-encoding
wrapper_hb_764624_22865.js
player.adtcdn.com/prebidlink/485649/ Frame 99F9
3 KB
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/485649/wrapper_hb_764624_22865.js
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c449fa98eefd14b79d6789ca7ff0afc81301eb5c469f76ccee4703c6af0d89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=345600
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
"68348dfa-a5e"
age
760
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2F64xa0GAbzGwAY5CSPlnJ7WZ49Jl%2FvK7NWg2SHA2h%2Bn%2FhabGAF65X0mX9%2Babz7PB%2BG%2FkbGWVdJH%2BKvQkdFZhiUfWEpxZxOTikliNLhM607DCJrSw7Wa5XUkvMg%3D%3D"}]}
cf-ray
946478a19e97fb7d-AMS
expires
Tue, 27 May 2025 09:28:58 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/javascript
last-modified
Mon, 26 May 2025 15:51:22 GMT
server
cloudflare
vary
accept-encoding
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 99F9
221 KB
68 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
81102085050987160
age
1630
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:59:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 08:59:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
sol-01-300x250.png
storage.googleapis.com/c6-public-10328d0c-697e-41d3-95f8-ed36f7088f00/ Frame 99F9
13 KB
13 KB
Image
General
Full URL
https://storage.googleapis.com/c6-public-10328d0c-697e-41d3-95f8-ed36f7088f00/sol-01-300x250.png
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
33c6b9247b8bf288ccf9805f6396c673d6cb5f344c5f03d6eed168b03868e2b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=tiwBvw==, md5=2gYn3fVnW4MoP8E39EBUmA==
etag
"da0627ddf5675b83283fc137f4405498"
age
1217
x-goog-stored-content-encoding
identity
expires
Tue, 27 May 2025 10:06:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
13193
date
Tue, 27 May 2025 09:06:14 GMT
last-modified
Tue, 04 Mar 2025 14:24:45 GMT
content-type
image/png
x-guploader-uploadid
ABgVH8_bZTILMC3IVCGfoqCDv3-bx22kqGadNcorl_ZUQ4B_nBT_H0FHBSC8jC_3AmsDecUE
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1741098285134052
content-length
13193
server
UploadServer
hbp_master_764624_22865.js
player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 99F9
450 KB
142 KB
Script
General
Full URL
https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_764624_22865.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/485649/hb_764624_22865.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
openresty /
Resource Hash
9a20e600d874f14d77a3dd6ad7b26f9254bd1e18f85dba2cb2ad08d8e9886d7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=172800
content-encoding
gzip
etag
W/"68348c5d-7083d"
expires
Thu, 29 May 2025 09:26:32 GMT
access-control-allow-origin
*
date
Tue, 27 May 2025 09:26:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 26 May 2025 15:44:29 GMT
server
openresty
hbw_master_764624_22865.js
player.hb.selectmedia.asia/prebidlink/hgVzd/ Frame 99F9
2 MB
524 KB
Script
General
Full URL
https://player.hb.selectmedia.asia/prebidlink/hgVzd/hbw_master_764624_22865.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/485649/wrapper_hb_764624_22865.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
openresty /
Resource Hash
3b26db4c7c6c6321b6bef411165460d102d2c9e17fce71d718e90e0dff05c7ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=172800
content-encoding
gzip
etag
W/"68348dfa-1b42a3"
expires
Thu, 29 May 2025 09:26:32 GMT
access-control-allow-origin
*
date
Tue, 27 May 2025 09:26:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 26 May 2025 15:51:22 GMT
server
openresty
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99F9
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99F9
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99F9
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 99F9
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69279f70e682101033fdf5afe2d1aa8bc1851e8b5e19b9d680529bb08cf9cd33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
config.json
player.adtelligent.com/exchange_rates/305666/ Frame 99F9
30 KB
13 KB
Fetch
General
Full URL
https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fsub4.mafinet.store
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_764624_22865.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
openresty /
Resource Hash
8a4f11e2aa941b4d5f09e003042fbc195e385f1dd471091ccc01e1960f049736

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"68350142-7984"
expires
Wed, 28 May 2025 09:26:32 GMT
x-proxy-cache
HIT
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:32 GMT
content-type
application/json
last-modified
Tue, 27 May 2025 00:03:14 GMT
server
openresty
apstag.js
c.amazon-adsystem.com/aax2/ Frame 99F9
380 KB
0
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/hgVzd/hbw_master_764624_22865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f1a19af73144c20b37591eb77a35b5528efcd2972c95975b2d9da7153a9ec12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"b5620855d04635cc3575b1d901d5dfda"
age
2872
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
i2kFDJo2c5eOXR0KpmKs1Y_Al6WyGz3K4ioiiUPEcz7NhcFc_O6UZA==
date
Tue, 27 May 2025 08:38:36 GMT
content-type
application/javascript
last-modified
Wed, 21 May 2025 18:19:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
vr
sghb.hb.selectmedia.asia/ Frame 99F9
0
0

prebid-request
onetag-sys.com/ Frame 99F9
15 B
415 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_764624_22865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
pbjs
endpoint.copper6.com/ Frame 99F9
2 B
137 B
Fetch
General
Full URL
https://endpoint.copper6.com/pbjs
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_764624_22865.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.77.84.99 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

access-control-allow-origin
https://sub4.mafinet.store
content-length
2
date
Tue, 27 May 2025 09:26:32 GMT
content-type
application/json
server
nginx
access-control-allow-credentials
true
/
sghb.hb.selectmedia.asia/geo/ Frame 99F9
165 B
542 B
XHR
General
Full URL
https://sghb.hb.selectmedia.asia/geo/
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/hgVzd/hbw_master_764624_22865.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Selectmedia /
Resource Hash
95ca898f312bf7863c97f17614ad1df7c859080513731996c8ecb8c07adb3edd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

X-Robots-Tag
noindex
X-Server-Ip
167.235.37.234
X-Tte
26
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://sub4.mafinet.store
Content-Length
165
Date
Tue, 27 May 2025 09:26:32 GMT
Content-Type
application/json
Server
Selectmedia
X-Server-Name
ads102
tracking
sghb.hb.selectmedia.asia/adunit/ Frame 99F9
43 B
479 B
XHR
General
Full URL
https://sghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=764624&site_id=22865&strategyId=27&pbjsv=v8.52.12&full_page_url=https%3A%2F%2Fsub4.mafinet.store&adid=6basid.u&features=81952&vpbv=B378&lifecycle_tte=335
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/hgVzd/hbw_master_764624_22865.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Selectmedia /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

X-Robots-Tag
noindex
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Permissions-Policy
browsing-topics=()
Access-Control-Allow-Origin
https://sub4.mafinet.store
Content-Length
43
Date
Tue, 27 May 2025 09:26:32 GMT
Content-Type
image/gif
Server
Selectmedia
ec4e8edf-c46b-44a1-bcab-17b3a4420b9a
config.aps.amazon-adsystem.com/configs/ Frame 99F9
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/ec4e8edf-c46b-44a1-bcab-17b3a4420b9a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
318faf2666a0b3b2cc37b7b7e8cbcb4d042e13aade80168df660280b4f3ca42c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=3600
age
392
via
1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
dSEFB03CNSeGSFhLzYe77qdyiW7BD4EM0C2T5XOEhX_vXPcrkuOAhw==
date
Tue, 27 May 2025 09:20:00 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ Frame 99F9
702 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsub4.mafinet.store&pubid=ec4e8edf-c46b-44a1-bcab-17b3a4420b9a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f92266b24326157ec9acae26901f3b9fb036b17dc783762c70b49f099954af6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
https://sub4.mafinet.store
x-cache
Miss from cloudfront
content-length
702
x-amz-cf-id
oncyfcnfhZp99MdO8WUo7iigwaU3Hmj7lk95P3eMrY9CQX0tRl_qOA==
date
Tue, 27 May 2025 09:26:31 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 99F9
6 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
KyNBZPQSafsZMxCe5QSduxgTOBL9uBows877Pdb23dMci0OtO3-RkA==
date
Tue, 27 May 2025 09:26:30 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
view
pagead2.googlesyndication.com/pcs/ Frame 99F9
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst7Ac8TmZ05TTheWcuyHvx4PGGu2vUTcUU87CkSMUwwOjfzKvL3TvWOk2WfApYkyOzUfr4AYBA-IWk1X4SNxZty9TwAKco8_uwxJhdjPRXFOTFW_1u8Fnp6TvgTc7iCWdJIBXrmVB_9JkCRO400W-U2f_8t5gM6O98Ea0bBytW-U9TtKrAVyhjMR2juTnuEAEtIp1vxq5ufaPB26IxOCIZhCBFsgp2JSG4-yJNKOeroW6FZ0vtKgEh6rmSj3H4LQK5h-ilfBa8qgi4rshN-fiJv1BuHKcAM-jYCztIDrLeMxxPsnxNCWdpL1c3Wu_bxUAfA1U0x8rbF10asrdGs9vXMqd4OMlgAlzOJT7WyF9307P9_VH46z1LuAWEhCwyV7bHWCRXvmYvLPcb1zE3dnLq7aeRP8k4vRacXGyRB5XEr_91iei83jVrXz4ZFaB6ld0T0soVj2j89Ja5jDaV7rpBWVBo5ViNw2oNkmvbXlWJKhyQHKfWRkgQa_h5-AyTslvsX&sig=Cg0ArKJSzHHfj6pUR2uWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
hadron.js
cdn.hadronid.net/ Frame 99F9
11 B
324 B
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsub4.mafinet.store%2F&ref=https%3A%2F%2Fsub4.mafinet.store%2F&_it=amazon&partner_id=808
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-cache-status
HIT
etag
W/"ba4f7a703ea78ac1b72b5fe1be4fb407"
age
3381
cf-ray
946478a46c69665e-AMS
x-amz-request-id
30ESW1W2ZK679RV0
date
Tue, 27 May 2025 09:26:32 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 05 Dec 2024 20:48:49 GMT
x-amz-id-2
vUR56U4dT+uBLcfsQJPOy5zt8YY70QBqRK79jcTJYD4WF5y07NSxKqBZ9MkC3NxK2u5wo1slGAE=
log
navvy.media.net/
43 B
120 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:32 GMT
content-type
image/gif
ads
pagead2.googlesyndication.com/gampad/
728 B
196 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=692032044955955&correlator=1213668582482323&eid=31092678%2C95353384%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23037861279%2CTOI_WEB%2CTOI_WEB_HOME%2CTOI_WEB_HOME_HP%2CTOI_WEB_HOME_HP_SKINNER_LHS%2CTOI_WEB_HOME_HP_SKINNER_RHS&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5&prev_iu_szs=125x600%7C160x600%7C120x600%2C125x600%7C160x600%7C120x600&ifi=3&dids=TOI_appgutter_left~TOI_appgutter_right&adfs=1603062329~2497139417&sfv=1-0-45&eri=1&sc=1&abxe=1&dt=1748337992700&lmt=1748337843&adxs=80%2C1391&adys=0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsub4.mafinet.store%2F&vis=1&psz=1168x0%7C1168x0&msz=130x600%7C130x600&fws=516%2C516&ohw=1600%2C1600&psts=AOrYGslfO5wPHtlaB6SWltQ-S_fdg0aJ3n563tw-csej8DAny654yqnsv_ugH_ifp26Gs2_o8oajHuLTYKnrzRzbV3VoYIQjksDiCZFR_sOw1A&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748337988587&idt=382&prev_scp=size%3D%255B%255B125%252C600%255D%252C%255B160%252C600%255D%252C%255B120%252C600%255D%255D%26amznbid%3D2%26amznp%3D2%7Csize%3D%255B%255B125%252C600%255D%252C%255B160%252C600%255D%252C%255B120%252C600%255D%255D%26amznbid%3D2%26amznp%3D2&cust_params=_uid2%3D0%26sg%3D%26aud_flag%3Dfalse%26Meta_Keywords%3DNews%252C%2520Breaking%2520news%252C%2520Latest%2520news%252C%2520Live%2520news%252C%2520Today%2520news%252C%2520News%2520Today%252C%2520India%2520news%252C%2520English%2520news%252C%2520Politics%2520news%252C%2520Top%2520news%2520in%2520India%26Content_URL%3Dhttps%253A%252F%252Ftimesofindia.indiatimes.com%26SCN%3Dhome%26Tmpl_SCN%3Dhome%26Channel%3Dtoi%26loggedin%3Dno&adks=4004882736%2C1998359864&frm=20&gblpids=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_LHS~%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_SKINNER_RHS&pbbce=1&td=1&tan=895c3671-8445-4a5a-b57d-54b06746a5fa%2C895c3671-8445-4a5a-b57d-54b06746a5fb&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b6d55182ccba0fdb1488f68577d4054d55ab14bb45c9995614ca629fb39d6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
google-lineitem-id
-2,-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 09:26:33 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
167
x-xss-protection
0
server
cafe
log
navvy.media.net/
43 B
97 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:32 GMT
content-type
image/gif
log
navvy.media.net/
43 B
61 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:32 GMT
content-type
image/gif
ads
pagead2.googlesyndication.com/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=692032044955955&correlator=2709560948418450&eid=31092678%2C95353384%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=23037861279%2CTOI_WEB%2CTOI_WEB_HOME%2CTOI_WEB_HOME_HP%2CTOI_WEB_HOME_HP_MREC_2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=5&dids=63a942c0f0b97eeabf1adff9&adfs=3350847623&sfv=1-0-45&eri=1&sc=1&abxe=1&dt=1748337992737&lmt=1748337843&adxs=1048&adys=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsub4.mafinet.store%2F&vis=1&psz=300x268&msz=300x0&fws=4&ohw=1600&psts=AOrYGslfO5wPHtlaB6SWltQ-S_fdg0aJ3n563tw-csej8DAny654yqnsv_ugH_ifp26Gs2_o8oajHuLTYKnrzRzbV3VoYIQjksDiCZFR_sOw1A&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748337988587&idt=382&prev_scp=name%3D%2522mrec1%2522%26size%3D%255B%255B300%252C250%255D%255D%26amznbid%3D2%26amznp%3D2&cust_params=_uid2%3D0%26sg%3D%26aud_flag%3Dfalse%26Meta_Keywords%3DNews%252C%2520Breaking%2520news%252C%2520Latest%2520news%252C%2520Live%2520news%252C%2520Today%2520news%252C%2520News%2520Today%252C%2520India%2520news%252C%2520English%2520news%252C%2520Politics%2520news%252C%2520Top%2520news%2520in%2520India%26Content_URL%3Dhttps%253A%252F%252Ftimesofindia.indiatimes.com%26SCN%3Dhome%26Tmpl_SCN%3Dhome%26Channel%3Dtoi%26loggedin%3Dno&adks=831555140&frm=20&gblpids=%2F23037861279%2FTOI_WEB%2FTOI_WEB_HOME%2FTOI_WEB_HOME_HP%2FTOI_WEB_HOME_HP_MREC_2&pbbce=1&td=1&tan=895c3671-8445-4a5a-b57d-54b06746a5fc&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1d02d23601835872a2b24bbe96451e0bd867be46a90014bd60b62fffd2dbaa28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
google-lineitem-id
6791158453
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 09:26:32 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138490425411
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
12188
x-xss-protection
0
server
cafe
log
navvy.media.net/
43 B
61 B
Fetch
General
Full URL
https://navvy.media.net/log
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.55.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.55.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
pragma
no-cache
via
1.1 google
expires
Mon, 26 May 2025 09:26:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:32 GMT
content-type
image/gif
view
pagead2.googlesyndication.com/pcs/ Frame 4495
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu3l1CZpdWP5w3ApO4tsz4tB8Zg5gqxrDEP17qlNKzM_0oWG801K50jLxOrCQx4urCeflrFZdqmowLSm1X0AHe5LdsTIQp7mTo4JMsIadx_7goD9DY7IM6dZC1IwXiPncVlnLKZDKiBXyoBlUgu5hh9taED0HU3QWhV21O139-TIFhQwDXR644dnnRT-KAzQABqIVltaJCwmSyInjRxkfrZpkByMJkKF2iW5YQOtUEfgkIltgMBriGygdMA3hw2oNbw-8E97AP5Jv7MbrraKLhzFMymcxeX6g4riEx2FARSVhtYYpksv4joNuFJX99Sl4J1OOyGEtNIauHFTkEsolVrXW0FkBgSUQH37mEEHGj814rRhemzUTjvxXBW81-D9lsDKEojKdubFQz8V7khFv4eVmHyJZ5_phtPng6vhBixebkHqTfV8mtBoLM4etMxr4qezslUDwheSvPbRmyCE9HcaUO6MigryV8vN6Ss8Zk_SQRXOD5MMIuk_jC5Zw&sig=Cg0ArKJSzFI_uFUOqfPQEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4495
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6e9664257aff1b09b120f72ab6ee6dd9ff9f0feea3ba4dea63fee45a96085ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
370 / 20235 / m202505200101 / config-hash: 1295865988360337441
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:26:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:26:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33902
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4495
221 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
81102085050987160
age
1630
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:59:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 08:59:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4495
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4495
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4495
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 4495
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
008a8e0bcb4cdc9c33c91b3f3d8908dc7f18317f4e529cd3e49e177037154abc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ Frame 4495
539 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
etag
8367355567805738573
age
590
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:16:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:16:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
173743
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4495
80 B
77 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sub4.mafinet.store
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3b3522b5df3299e1fee14b34540d6c40f6ed11f475443416b8f84bfc19a7d03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:26:33 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
53
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 4495
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssnoXbMJWKdzZknB4z5BMGyktvmgMo5FZfjgvIdvWWj9aHeF4OxBbKVqTO4_z24rviY2fqLecZLjmoW0zHP7Nhy1ZP74fnLVruzCLS866DkgI82a7W7srClsLLgwyR6lCH8vNfQgWfv-qmUPrTWVCORAc057KmJOe6uCItixOVBrb-2KrTq3xzwHonej-KCpGfA6cbjsSwwNFocr84SAdFKi9z2RUMCOBTRPAeEAw2TvEszFdYPUN65fKl5v9ILYN6_06Uw-3CSvfGu8-0HYMuHTKABsnq0bQo2zkcRhDn-f9ESJdNMtTDaeNTxJRgOevL8OHlKyCJARwu2CcO083SNLSWBTEjWUy6OObR5ZOXT89xTtUWdrBV8UbMsofob9cIASEkAFTqzcQAQkgEgKEnFQDFfczp-HJFZMcqUAEzv-TNIyMs7dy8q-BM27xEfw_m_fVeBOLITmsp-16K_g_F4ymA0SGNoX0FxpClNWMSiXGQtPVdQxz0oKGRhz5e5&sig=Cg0ArKJSzOB87sc5pzjEEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ Frame 4495
63 KB
0
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10260624382802495031
age
442
x-content-type-options
nosniff
expires
Tue, 03 Jun 2025 09:19:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 27 May 2025 09:19:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23619
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202505220101"
sodar
ep1.adtrafficquality.google/getconfig/ Frame 4495
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1f2ded531246bc4ca6d746f69a02cedd007315c4a063909194150788f0d135f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12897
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
pagead2.googlesyndication.com/gampad/ Frame 4495
477 B
252 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=7776449514815634&correlator=433801102549785&eid=31091881%2C31092625%2C95353385%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fif&iu_parts=23151320311%2Ctoi%2Ctoi_mweb_300x250_2G&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C200x200&ifi=1&dids=gpt-passback&adfs=264697046&sfv=1-0-45&sc=1&abxe=1&dt=1748337993131&lmt=1748337993&adxs=1048&adys=1212&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=h0pn174x9of&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fsub4.mafinet.store%2F&ref=https%3A%2F%2Fsub4.mafinet.store%2F&top=https%3A%2F%2Fsub4.mafinet.store%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748337993000&idt=82&adks=721484897&frm=23&td=1&tan=5fedc44a-5928-4118-8ddc-71b1f11e21af&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c79116a774369597964241521ac1873f94b2d7cbde4a5e7b7493555dfdd4bf0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 27 May 2025 09:26:33 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://sub4.mafinet.store
content-length
223
x-xss-protection
0
server
cafe
container.html
ab1034c41a49019d8f63fd87332c878d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame CD1D
7 KB
3 KB
Document
General
Full URL
https://ab1034c41a49019d8f63fd87332c878d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 09:26:33 GMT
expires
Tue, 27 May 2025 09:26:33 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 4495
20 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 09:26:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
activeview
pagead2.googlesyndication.com/pcs/ Frame 99F9
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMd2ZfMBTE9JSh_zQOOrD--TNHNabNkRrnVR-etcVmAxG2HcomBWrz5_2wnkG2ll4ykzFGsykqFia5Nd6yBmDx15N7tMY_sHUInEfFM9V7VZ2koToNHgYgXkl4iYv7jifR3JhGmi09QUOW5p4qHIdjcGjs_T-DGwJ74LiF0OTgzJmILUSfWQ&sig=Cg0ArKJSzAcJQlPAj2glEAE&id=lidar2&mcvt=1000&p=238,1047,488,1347&tm=1235.6000003814697&tu=235.80000019073486&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250521&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=295926755&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4427079200&rst=1748337991881&rpt=363&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 27 May 2025 09:26:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 1BD7
13 KB
5 KB
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2940
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 08:37:33 GMT
expires
Tue, 27 May 2025 09:27:33 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
multitracking
sghb.hb.selectmedia.asia/adunit/ Frame 99F9
0
269 B
XHR
General
Full URL
https://sghb.hb.selectmedia.asia/adunit/multitracking
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/hgVzd/hbw_master_764624_22865.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.234.37.235.167.clients.your-server.de
Software
Selectmedia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sub4.mafinet.store/

Response headers

Connection
Keep-Alive
Permissions-Policy
browsing-topics=()
X-Robots-Tag
noindex
Access-Control-Allow-Origin
https://sub4.mafinet.store
Date
Tue, 27 May 2025 09:26:33 GMT
Server
Selectmedia
Access-Control-Allow-Credentials
true
kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js
pagead2.googlesyndication.com/bg/ Frame 1BD7
54 KB
21 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kanIy_w-orPMh5Mq6yBRDet9M9poaqTkrn00PCpHWUU.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
91a9c8cbfc3ea2b3cc87932aeb20510deb7d33da686aa4e4ae7d343c2a475945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
399892
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Fri, 22 May 2026 18:21:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 22 May 2025 18:21:41 GMT
last-modified
Mon, 19 May 2025 09:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21069
x-xss-protection
0
server
sffe
generate_204
ep2.adtrafficquality.google/ Frame 1BD7
0
40 B
Image
General
Full URL
https://ep2.adtrafficquality.google/generate_204?WrVIyQ
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
cross-origin-resource-policy
cross-origin
var=colaud
ade.clmbtech.com/cde/aef/
0
0
Script
General
Full URL
https://ade.clmbtech.com/cde/aef/var=colaud?cid=2658:3&optout=1&_u=https%3A%2F%2Fsub4.mafinet.store%2F
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:60::214:f546 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST, GET
access-control-allow-origin
*
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
vary
Origin
server
Bhoot
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
sodar
ep1.adtrafficquality.google/pagead/ Frame 4495
0
17 B
Image
General
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=7776449514815634&bg=!c3ClcD_NAAYA59AtIOc7ADQBe5WfOI683cSvkwXYMCluduT9oKD1hDQDU4XbfPXLMP8FTb7IJGA-3viwlu07KE49GtLjAgAAAE1SAAAAAmgBB34ANnLp4oSAFA_pYzanvi3oOJE0pGcBRcWIdmtraufrOYGCt9DqK_yfAhPsgikRmZWaZVVse_VXywoAevCjx7fpZW-VYba_HoqF9_iM4uPoCuB5Gzy0C1bOEoKeVlMx33d71k3SIm78dEeFu7FTVM_I0U4JFfCiX4yPPo_R4mqcSC2HGUg9xVyQok8tUS9qZczNP6wlJsuHsF336ObKHf43309UScR5YHlSx2YldRkO7aT--QLxmQJs8rY0UdMkNcI6kN2cfTgXpyo3peTkCI-LZAvJNh9q_XCysLitnkc73vNr1VP8M86EYYAHd4JHGXdoxOmOodh_JEJruHI92TFs4_fE7_lrVaGiP5b_44kvx2fFkmU_90SIxarLvGn06Ii1-rCb-wu9ZqBva7Wnxjfm2Fi6w1X6Zw12Ypzn52JIdkIvMbJMRXjaNmPFUJvs2SK3teOfWSWOWhWXxIBMXyUhv4qPh4ZTe9dstkwHBVqlDIyP2p_dDN3pm9aD5HUVo8ehg3K9vFo9s4P5cyd_e0qH__kjFL0dJmrkXV7iQ_vwXOr2AYQrP7xdUSoXy6OIGNX6ng40y1zu-lcA3812TWXFqmI2HDKrRAlKHE4KDDtln5m_-7Vg76cWQn6NRx1VtV39i8BmNVoc1NPTnJMUFiuU4KNzerTJNlk2jkO4OhEQkFXUpXB1zphyMTAPsAhFXfgAVAuavnnsy8VBQL5mIpk013tXtMcfs1P3NnagYdW54UWdT-ux8y6Cak_V1F8m6nyvynlt5hCZUH_bLsOP8dN7sw3q9K4yoBfSl2Vp7b0YullpHL3KqI63bPvx9zAwQyKzpDIkKbjnNKyTBu6XHcCtguN6aOgti5E_sxEPUXDbOLTdUdUCu0QJC48rUyRotQnzEgt_pkwWXH73MdPz2Na6ntSIysz0dOEicvPePC9Lzk6PSkDYalo2WjqVKqYaYVJ9xviwXJ0QTFiY0N1gxQOzBa86h_0TjUiTjk3LsrOTaUODUGGSHD9DYbhXj6aRW1ddZeC_86vU7bBclwr_245y2y-U4reEvBbd-wyzLNAGmn7ZQow
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
image/
server
cafe
eligible
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwFYAMBSATAYQGwDMAZABbAKQwhJqnmXhUCmUc8AnmCRAEY1EIA9hABOAYyZJQCIiKYAbQaBzAAtgAdgMAOZQEANSxIAjERDaAXDAQBlXgjEiYPJiKRnL1gApyAbjGEEHAgEOEFVV3dzCzFgMRImABUbdwgARxMBJm0I1jAqZCJYjS1dKiQsPAAOKuN0ImBtFjgkACsZVUEQSVoAdyYeBHgmcoB2FAIUIn8htmpjUYAWKoICUYBOKvXF0ZWURbMmfwkx9fWUUbQsdcq8NGqqtAmsIk0m-yZe8tMEJjSIFgnagHMTyGDNNgRUJqdQmJYrNZnRbLF6g8GsYDqGC+VxDQRQJBwRrEbrHSQgIhwEgwETgTQiOCcUKCESNJhgEDWYA8eRMagAM2A8l+lIAXoIkABaYxYNBAA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 62B6
269 B
379 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 27 May 2025 09:26:34 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F206
3 KB
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age
1055
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
94647893aca337c0-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:29 GMT
expires
Tue, 27 May 2025 13:26:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
timesinternet-d.openx.net/w/1.0/ Frame 2AB9
199 B
425 B
Document
General
Full URL
https://timesinternet-d.openx.net/w/1.0/pd
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
199
content-type
text/html
date
Tue, 27 May 2025 09:26:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
185.65.134.154
/
csync.smilewanted.com/ Frame 00D4
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2e5e9e5e5e23e4be4628d02107420429c20bd9a747a4b7d0d738b80082423a

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
946478b21c8a1c7d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:34 GMT
server
cloudflare
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 3F8D
16 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=sub4.mafinet.store&gpp=
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
30b7f0adc63bb1e3010cee77e9aa68b9aa8511ec29abb030a2a7d710473951a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 09:26:33 GMT
server
Kestrel
server-processing-duration-in-ticks
781904
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 12D8
20 KB
7 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-185-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=20799
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 27 May 2025 09:26:34 GMT
expires
Tue, 27 May 2025 15:13:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://sync.inmobi.com/prebidjs?
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
5 KB
6 KB
Document
General
Full URL
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
feb848cd84a8592c7689d17f5605a4870beab70d33b7f406318def1733a0d436

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
5510
content-type
text/html;charset=UTF-8
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google

Redirect headers

content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
location
https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4AC1
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
4844
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 May 2025 09:26:34 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 23 Jan 2025 21:34:45 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1359546, 15785
X-Served-By
cache-lga21993-LGA, cache-ams2100126-AMS
X-Timer
S1748337995.580514,VS0,VE0
prebid_iframe_sync.html
cdn.taboola.com/scripts/ Frame 0602
5 KB
2 KB
Document
General
Full URL
https://cdn.taboola.com/scripts/prebid_iframe_sync.html
Requested by
Host: assets.toiimg.com
URL: https://assets.toiimg.com/js/toi_prebid.js?v=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2cfc3d9f68235dca692e8b8d70e2de1f872d321133005c628d1306ac0d72f225

Request headers

Referer
https://sub4.mafinet.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

abp
4
accept-ranges
bytes
access-control-allow-origin
*
age
38
cache-control
private,max-age=14400
content-encoding
gzip
content-length
2025
content-type
text/html
date
Tue, 27 May 2025 09:26:34 GMT
etag
"ba0777792ce6c88cb6ac61d50f5ed420"
last-modified
Thu, 30 Nov 2023 18:35:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
WbOH8OtnHMRl3FY162dnRQWRveBaiG1kE50KaJh02BsO7X5y+vSr63fqkkLo+Nrwxke/VJo8bC4=
x-amz-replication-status
COMPLETED
x-amz-request-id
GDPNFYB24V57YBM5
x-amz-server-side-encryption
AES256
x-amz-version-id
7Bl.XaNXVuUlHrm3kacHfal8wWJB1784
x-cache
HIT
x-cache-hits
2
x-served-by
cache-ams21078-AMS
x-timer
S1748337995.573103,VS0,VE0
usersync
match.adsrvr.org/track/
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

content-length
70
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
server
Kestrel
usermatch
ssum-sec.casalemedia.com/ Frame DB11
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a86216daef5bc38f58b3e691cae73a2eb8ec3ae01a1e99ba09bf2ee727c4554

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
946478b1eef166da-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nO5lojayiiqzLMfLY2p%2F6n8ErTg%2FBXDQpmdbTdeip46AUpOtTDsXly90hYvvfUrsFyyT95Yfb6PUYViBOzWXADjaY%2FIKt8Dglwx52f5nKZYZvRe8WVE%2BO%2BSsuBXnSFfCvc4zSRFiMCBDkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 62B6
44 KB
0
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
7b230772796291d29a31c3fb51dc288307930477a442296c33aa21cdce751bb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html

Response headers

cache-control
max-age=79143
content-encoding
gzip
expires
Wed, 28 May 2025 07:25:32 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11387
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Tue, 27 May 2025 07:25:32 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 12D8
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2650329&p=164398&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
131cc84e128c85cbe29db358094cae95be1e5f1778db4667f1875a46ec0773c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 27 May 2025 09:26:33 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
31327
i.liadm.com/s/ Frame DB11
0
208 B
Image
General
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aDWFRVVbLV8ADimOAtreVwAA%265181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.216.139.205 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-13-216-139-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Tue, 27 May 2025 09:26:34 GMT
trace-id
af929178f79f24cf
Request-Time
0
Connection
keep-alive
getuid
secure.adnxs.com/ Frame DB11
0
0

aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DB11
43 B
343 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/aDWFRVVbLV8ADimOAtreVwAAFD0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1e46:8c0d:1caf:fdca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
server
ATS
x-frame-options
DENY
rum
dsum-sec.casalemedia.com/ Frame DB11
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&__qcmcs=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FxedNhkammIMTpc2ERmDNxgdzGcMGpgxFUxfYsAq
43 B
770 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FxedNhkammIMTpc2ERmDNxgdzGcMGpgxFUxfYsAq
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AZ8H%2F8lVpjnmbcvcYGQCiM%2FylkM%2BikwsjhcMZ6FnfZQh4SOQxyn17c9utHD9b%2B9aaipM7kwucKmVYBZFEFu%2BwwCqRFO7PT%2B7rErvQ0KdBA%2BnAIpzdWVCh%2F984wraAlTqTfTA5PRV2Eqxw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
946478b3183366a0-AMS
content-length
43
server
cloudflare

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FxedNhkammIMTpc2ERmDNxgdzGcMGpgxFUxfYsAq
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
pixel
cm.g.doubleclick.net/ Frame DB11
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItMde4OdOfU1FUKuCWFQVi%2BlWm6M3hg52qoymZ0QNe%2BmRgeosgM18PbhtJc%2F1fh7R8KA%2BX5Yj%2FfRKXb7GbTOsUAmNDn6HdhuOBzXN2q7aC5LgAxMvwZZyXtAytaM%2FyKrZ5QxKqeyWWYVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDWFRVVbLV8ADimOAtreVwAA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
946478b26fb166a0-AMS
content-length
0
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame DB11
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662135072175972
43 B
764 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662135072175972
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIXAVWyCxrIxMCR9HeVHnGiGzjGTGCCuM83DtMvST1DsK3SmpmRUk%2FbHmdxvL3UtVt1h7h0gU1MwJZ3F%2FOTiavjytsybWtQsYh88K9QhI5o71s%2BLMpbeoIgrviasKgCdMEiNmQFMPQhM3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
946478b4a90866a0-AMS
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, private
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662135072175972
cf-cache-status
DYNAMIC
pragma
no-cache
x-function
209
cf-ray
946478b3ab8e19f7-AMS
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-reuse-index
333
p3p
CP="NOI DEVo TAIa OUR BUS"
server-timing
cfExtPri
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/html
server
cloudflare
priority
u=3,i
getuid
ib.adnxs.com/ Frame DB11
0
0

bridge
cm.adgrx.com/ Frame DB11
43 B
434 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.19.224.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-224-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
max-age=0, private, must-revalidate, no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Access-Control-Allow-Origin
*
Content-Length
43
P3P
CP="NOI OTC OTP OUR NOR"
Date
Tue, 27 May 2025 09:26:34 GMT
Content-Type
image/gif
vary
accept-encoding
htw-pixel.gif
cdn.indexww.com/ht/ Frame DB11
43 B
0
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?aDWFRVVbLV8ADimOAtreVwAA%265181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsub4.mafinet.store%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
public, max-age=86400
cf-cache-status
HIT
etag
"2b-546dc3a097100"
age
19021
cf-ray
94647894ae8b37c0-AMS
expires
Wed, 28 May 2025 09:26:29 GMT
accept-ranges
bytes
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 27 May 2025 09:26:29 GMT
edge-control
cache-maxage=1h
content-type
image/gif
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
vary
Accept-Encoding
server
cloudflare
magnite
ssp.wknd.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.wknd.ai/magnite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.170.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sub4.mafinet.store
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
server
istio-envoy
via
1.1 google
magnite
ssp.wknd.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.wknd.ai/magnite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.170.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sub4.mafinet.store
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
server
istio-envoy
via
1.1 google
publishertag.js
static.criteo.net/js/ld/
130 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_0ce74a58811fd5fc784b060520739160.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
ea0b1b26eddf922e2743c05d74d97f6cd119ebfd5f8ff7f4c5e64871028ff39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67ece34f-20756"
cross-origin-resource-policy
cross-origin
expires
Wed, 28 May 2025 09:26:34 GMT
access-control-allow-origin
*
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/javascript
last-modified
Wed, 02 Apr 2025 07:12:15 GMT
server
nginx
cygnus
as-sec.casalemedia.com/
40 B
560 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1748337994610&s=922598&r=%7B%22id%22%3A%221748337994%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22plcmt%22%3A3%2C%22playbackmethod%22%3A%5B2%5D%2C%22maxbitrate%22%3A16000%2C%22minbitrate%22%3A40%2C%22skip%22%3A1%2C%22w%22%3A880%2C%22h%22%3A495%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsub4.mafinet.store%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Times%20Group%20%7C%20Times%20of%20India%22%2C%22domain%22%3A%22sub4.mafinet.store%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22sub4.mafinet.store%22%2C%22name%22%3A%22Times%20Group%20%7C%20Times%20of%20India%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%22185.65.134.154%22%2C%22js%22%3A1%2C%22language%22%3A%22NL%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A7535%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%227535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D&fn=jsonp
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb50e3aff5b26f0d036181d172f330d95a50fe8611f20609348b163fdc330ed

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMdB2Ue9pAU2SLRGBpa8O%2FwPxTDQAbUYnenwdtX4WBX%2FQQVNnZ%2BcIxYuDLE2X9McZfmuFSaJ9jz0U3b%2FjhoVw68NCLGz3ImImLkvqK5ISda4IwAbyJxMBD3arbVHgZx4ZCXulQRkQZY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
946478b2ad7fb1fb-AMS
expires
0
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=86400
content-length
40
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
cygnus
as-sec.casalemedia.com/
53 B
351 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1748337994611&s=922598&r=%7B%22id%22%3A%221748337994%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fsub4.mafinet.store%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Times%20Group%20%7C%20Times%20of%20India%22%2C%22domain%22%3A%22sub4.mafinet.store%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22sub4.mafinet.store%22%2C%22name%22%3A%22Times%20Group%20%7C%20Times%20of%20India%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%22185.65.134.154%22%2C%22js%22%3A1%2C%22language%22%3A%22NL%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A7535%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%227535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f4c318106d3456e72fa2d2998e64f7903fd8ae0203b8a8df003321a298678b

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FK7L8rc32xlPqaNK2K74uKTMp9SU0IhBP4pvLneeDcfbs3ct%2BU%2BvYlgeovtduSWU1FxBnKmTjSwB7F%2BPhIE8HG2ZSerGllo2PQDTa14uapk6TyqnXw%2Fm%2F3VN58VlxW6PalAqjVqP8s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
946478b29d7cb1fb-AMS
expires
0
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=86400
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
translator
hbopenbid.pubmatic.com/
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
text/plain; charset=UTF-8

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 May 2025 09:26:34 GMT
server
nginx
translator
hbopenbid.pubmatic.com/
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
text/plain; charset=UTF-8

Response headers

cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://sub4.mafinet.store
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 27 May 2025 09:26:34 GMT
server
nginx
magnite
ssp.wknd.ai/
0
13 B
XHR
General
Full URL
https://ssp.wknd.ai/magnite
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.170.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.170.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:34 GMT
x-envoy-upstream-service-time
26
server
istio-envoy
access-control-allow-credentials
true
magnite
ssp.wknd.ai/
0
16 B
XHR
General
Full URL
https://ssp.wknd.ai/magnite
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.170.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.170.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sub4.mafinet.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
33
access-control-allow-credentials
true
via
1.1 google
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://sub4.mafinet.store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:26:34 GMT
server
istio-envoy
cm
trc.taboola.com/sg/prebidJS/1/ Frame 0602
43 B
0
Fetch
General
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/prebid_iframe_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.taboola.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 27 May 2025 09:26:34 GMT
x-served-by
cache-ams21078-AMS
x-cache-hits
0
cache-control
no-cache, no-store
x-fastly-to-nlb-rtt
871
pragma
no-cache
x-timer
S1748337995.625392,VS0,VE2
x-vcl-time-ms
2
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://cdn.taboola.com
x-service-version
v1
server
nginx
ifs.js
cdn.taboola.com/scripts/ Frame 0602
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/prebid_iframe_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e17075cf2f747253cb3c737891be0f417b8f4330ddab9d53013bdd4ebca568ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.taboola.com/scripts/prebid_iframe_sync.html

Response headers

content-encoding
gzip
etag
"93d5bb91c9a48c4edbc164a65354b00c"
x-amz-version-id
hHYTz8VC1WtMBCSsI42K1YQZ3IXPhs3V
age
5360
x-cache
HIT
date
Tue, 27 May 2025 09:26:34 GMT
last-modified
Sun, 12 Mar 2023 12:23:45 GMT
x-served-by
cache-ams21078-AMS
x-cache-hits
1125
content-type
application/javascript
x-amz-id-2
wRPo4SXzV1AviwX/cDuVVZuPNK6Jy+K/kSoXCmRxFg3i4Ygl2Fs07slVI9lenuTfF+1XyCV0iP8=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1748337995.623928,VS0,VE0
via
1.1 varnish
x-amz-request-id
8PWY5EYGF1HE212N
accept-ranges
bytes
access-control-allow-origin
*
abp
63
content-length
988
server
AmazonS3
x-amz-server-side-encryption
AES256
async_usersync
ib.adnxs.com/ Frame 4AC1
0
484 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://acdn.adnxs.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
185.65.134.154; 185.65.134.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
3d0eb27f-92e2-41b9-b410-c186737b9311
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
sid
mug.criteo.com/ Frame 3F8D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=sub4.mafinet.store&sn=ChromeSyncframe&so=0&topUrl=sub4.mafinet.store&topicsavail=1&fledgeavail=1
  • https://mug.criteo.com/sid?cpp=6tCXn3xWTkpZcDNQYUtSanZPM0x2Y0ZXL1pUeHZNM0UyVGU3ZlRBWitWUTE1SnZPakhyc2xEYUNwZG12ekE3VFJaZk5wblVCb090R3FYdk11SExuTXd1aE16N2JPL3Vxb0dFRmRQM3JObkRCWmdtb1dpOUEyWExSV01xYn...
1 KB
2 KB
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=6tCXn3xWTkpZcDNQYUtSanZPM0x2Y0ZXL1pUeHZNM0UyVGU3ZlRBWitWUTE1SnZPakhyc2xEYUNwZG12ekE3VFJaZk5wblVCb090R3FYdk11SExuTXd1aE16N2JPL3Vxb0dFRmRQM3JObkRCWmdtb1dpOUEyWExSV01xYnlhVTI3Y3ljTDNTMnlIR3VDOEVyQXdkamcwVHZ3SE1wQnFNNlprVzRVUXJpM3BSSHBtTUoxeVUrUEFxNllkTUdYbUdrSm43bWMwQzNFazM2R2tLQkd0aVpqcjZKNTZ0OWtMZ1RQamhyQ01Pbi9tQktiRTdOczJZcHJnRzI5M1hCTVhGK0FSTGdWYldYdGF3WU5MQVhzVWlnYnU4VjZoY3lDUUpTbFRPWmx2VUQzbkQwck5kQWxFckxsQ1ZSdWZHZjczM1lPL0hnWHw&cppv=2
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0d857dbf215ce414146fcfb0da8df97da39af4b575453c3e354e925affbd4f9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1293520
expires
0
access-control-allow-origin
https://gum.criteo.com
date
Tue, 27 May 2025 09:26:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=6tCXn3xWTkpZcDNQYUtSanZPM0x2Y0ZXL1pUeHZNM0UyVGU3ZlRBWitWUTE1SnZPakhyc2xEYUNwZG12ekE3VFJaZk5wblVCb090R3FYdk11SExuTXd1aE16N2JPL3Vxb0dFRmRQM3JObkRCWmdtb1dpOUEyWExSV01xYnlhVTI3Y3ljTDNTMnlIR3VDOEVyQXdkamcwVHZ3SE1wQnFNNlprVzRVUXJpM3BSSHBtTUoxeVUrUEFxNllkTUdYbUdrSm43bWMwQzNFazM2R2tLQkd0aVpqcjZKNTZ0OWtMZ1RQamhyQ01Pbi9tQktiRTdOczJZcHJnRzI5M1hCTVhGK0FSTGdWYldYdGF3WU5MQVhzVWlnYnU4VjZoY3lDUUpTbFRPWmx2VUQzbkQwck5kQWxFckxsQ1ZSdWZHZjczM1lPL0hnWHw&cppv=2
pragma
no-cache
server-processing-duration-in-ticks
349258
expires
0
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
server
Kestrel
match
c1.adform.net/serving/cookie/ Frame E5EB
35 B
590 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.230 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 27 May 2025 09:26:34 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A11D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1801426616012069664
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1801426616012069664
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 May 2025 09:26:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1801426616012069664
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A915
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 May 2025 09:26:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 09:26:34 GMT
expires
Tue, 27 May 2025 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1146059
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7365
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 May 2025 09:26:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DRYP5DFRE9CJ89KAB5S5
getuid
ib.adnxs.com/ Frame F6A6
146 B
297 B
Document
General
Full URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
146
content-type
text/html
date
Tue, 27 May 2025 09:26:34 GMT
server
nginx/1.23.4
x-proxy-origin
185.65.134.154; 185.65.134.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
cms
ups.analytics.yahoo.com/ups/58679/ Frame 12D8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&gdpr=0&gdpr_consent=
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
0
40 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 27 May 2025 09:26:35 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
content-length
257
date
Tue, 27 May 2025 09:26:35 GMT
content-type
text/html
content-language
en
server
ATS
info2
uipglob.semasio.net/pubmatic/1/ Frame 12D8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
HTTP/1.1
Server
77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
routing-server-id
-1
frontend-id
4
pragma
no-cache
expires
Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin
*
uip-response-status
Ok
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
date
Tue, 27 May 2025 09:26:34 GMT
content-length
42
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location
/pubmatic/1/info2?sType=sync&sExtCookieId=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&sInitiator=external&gdpr=0&gdpr_consent=
routing-server-id
-1
frontend-id
8
pragma
no-cache
expires
Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin
*
uip-response-status
Ok
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
date
Tue, 27 May 2025 09:26:34 GMT
content-length
0
mw
mwzeom.zeotap.com/ Frame 12D8
95 B
439 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5BE682BD-80DA-43CE-8F85-7BF415C5C01E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1572 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
946478b2cf2afba1-AMS
access-control-allow-origin
https://ads.pubmatic.com
content-length
95
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*
Pug
image2.pubmatic.com/AdServer/ Frame 12D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJFNjgyQkQtODBEQS00M0NFLThGODUtN0JGNDE1QzVDMDFF&gdpr=0&gdpr_consent=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJFNjgyQkQtODBEQS00M0NFLThGODUtN0JGNDE1QzVDMDFF&gdpr=0&gdpr_consent=&google_cm=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDkIJET6lEt0CPS6wPhUGjE&google_cver=1
0
74 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDkIJET6lEt0CPS6wPhUGjE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/html; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDkIJET6lEt0CPS6wPhUGjE&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 12D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W-aCvYDaQ86PhXv0FcXAHg%3D%3D&gdpr=0&gdpr_consent=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W-aCvYDaQ86PhXv0FcXAHg%3D%3D&gdpr=0&gdpr_consent=&google_cm=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELIZc-e2dBkMvRIu9P49y6I&google_cver=1
20 KB
20 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELIZc-e2dBkMvRIu9P49y6I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Server
95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-185-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
max-age=20799
content-encoding
gzip
expires
Tue, 27 May 2025 15:13:13 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
6694
date
Tue, 27 May 2025 09:26:34 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
content-type
text/html
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELIZc-e2dBkMvRIu9P49y6I&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
362
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
Pug
image2.pubmatic.com/AdServer/ Frame 12D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtpLUBL3G1UtaT-qMrRuj8&google_cver=1
0
74 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtpLUBL3G1UtaT-qMrRuj8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Server
103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Tue, 27 May 2025 09:26:34 GMT
content-type
text/html; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtpLUBL3G1UtaT-qMrRuj8&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pubmatic
um.simpli.fi/ Frame 12D8
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.201.36 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.201.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 26 May 2025 09:26:34 GMT
access-control-allow-origin
*
content-length
43
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
generic
match.adsrvr.org/track/cmf/ Frame 12D8
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
70
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
server
Kestrel
sync
ups.analytics.yahoo.com/ups/58292/ Frame 12D8
0
160 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5BE682BD-80DA-43CE-8F85-7BF415C5C01E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=164398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 27 May 2025 09:26:34 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCMAzACwAMA7NY2mDAI4CuMeEOEAil4QQKYFUa0AHNRYBOebQBslSmgAWIPDi7l49Tdt3lSZGFEEQAnjg1ckBtHgD2XMAGMY8EGTxsYABsXXwBhMVACAHMoPAA1ACYqNCiYFwAuDxdLAlhLLPN4AFEAVRS09PYogmz4ADkACXKMrK5LMGsC7zqAGWcYKOFLMzx4NA8IkGiofQTlaWlKAFZDEFTLeAArfxQXQsMAdxgkQmJ9RiXqJbQANwJT-UopWQVpJUZZJdo0czuvc8US0Y9AS8jmyno82k9EuCQwaxgdxgB0e-W4Fn+FGuHkCBAsEEEwj4EUkMjkjEUKlo6hxeMsIGABBucEItVEUWoP0RBC88DIaAgGgIYDIOEwNnwEBcYARODI9xASECMAoADMQIE8DABQAvFzwAC0lAS9CAA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCMAzACwAMA7NY2mDAI4CuMeEOEAil4QQKYFUa0AHNRYBOebQBslAExoAFiDw4u5ePS0695UmRhRBEAJ45NXJIbR4A9lzABjGPBBk8bDAANq5+AMJioAQA5lB4AGpqVGjRMK4AXJ6uVgSwVlkW8ACiAKopaens0QTZ8AByABLlGVlcVmA2BT51ADIuMNHCVuZ48GiekSAxUAZqytLSlACsRiCpVvAAVgEoroVGAO4wSITEBoxL1EtoAG4EpwaUUrIK0kqMsku0aBZ33ueKJaMehqeRzZT0ebSeiXDSgVJ3GAHR79biWf4UZTjIIESwQQTCPiRSQyOSMRQqWisTw4vEgYAEG5wQi1UTRag-GB-HxkNAQTQEMBkHCYWz4CCuMBrEhke4gJBBGAUABmICCeBgfIAXq54ABadT0IA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeATgCYaBWKgDkzBgEcBXGQifCRAFseEEIODwAjAHYALEwDMC6VSqyAbJIAMmABYhC+ThXg79h4ynJooAiAE98uzgCNTmQgHtOYAMYx4EBRCVhgAG08ggGExUEQAcyhCADUaKUx4mE8ALl9PW2QYWzy0eABRAFUMrOy2eMR8+AA5AAlqnLzOWzB7EoCmgBkPGHjhW2tCeExfWJAEqBMadSYmSXodEEzbeAArEMFPUp0AdxgXYlITaXoFekwAN0QLkxl5JRUmNWlFellMNEe-iuqno0i0NFo6nUWmWTC0Nxo2E2MEeMGOL2GXCKQMo0mmYUQRQgAmEvFiUjkimUqg0n3xhNsIGAiHucGIjVE8QU-xRiH88BQmAgukQYCsOAcRAgnjAyPwKCeIBcYRglAAZiAwoQYEKAF6eeAAWkkNC0QA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeATgCYaBWKgDkzBgEcBXGQifCRAFseEEIODwAjAHYALEwDMC6VSqyAbJMmYAFiEL5OFeAAZd+wxXJooAiAE98OzgCNTmQgHtOYAMYx4EBRCVhgAG08ggGExUEQAcyhCADUaKUx4mE8ALl9PW2QYWzy0eABRAFUMrOy2eMR8+AA5AAlqnLzOWzB7EoCmgBkPGHjhW2tCeExfWJAEqGMadSYmSXozEEzbeAArEMFPUrMAdxgXYlJjaXoFekwAN0QL4xl5JRUmNWlFellMNEe-iuqno0hMNFo6nUJmWTBMNxo2E2MEeMGOL2GXCKQMoLF8YUQRQgAmEvFiUjkimUqg0VGk0wJRJAwEQ9zgxEaoniCn+KMQ-ngKEwEB0iDAKHwOAcRAgnjAyPwKCeIBcYRglAAZiAwoQYMKAF6eeAAWkkNBMQA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 00D4
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"607873db-c1ce"
age
633674
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Tue, 27 May 2025 09:26:34 GMT
content-type
application/javascript
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=315360000
referrer-policy
strict-origin
cf-ray
946478b2fd2d1c7d-AMS
x-xss-protection
1; mode=block
server
cloudflare
cdb
bidder.criteo.com/
0
196 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=160&profileId=184&cb=44184141085
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://sub4.mafinet.store/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
cdb
bidder.criteo.com/
0
197 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=160&profileId=184&cb=74736389632
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://sub4.mafinet.store/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9A40
0
301 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
946478b33d511c7d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:34 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame A46B
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B
Document
General
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.117 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
0
date
Tue, 27 May 2025 09:26:34 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sync
x.bidswitch.net/
43 B
183 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=criteo&custom_data=jssZxV9aY2hpR0pWaXc0WVJTZjdkMGJ2QmlGbGRiM204WmJVcG0yMkp3b0c3UDd3JTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
getuid
secure.adnxs.com/
0
0

match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3...
  • https://ssp-sync.criteo.com/user-sync/match?p=LZs1xF9DTDZHdnRGNEN2ZzRMcG9VWGpxeUVoNTQlMkZMZE8wOUczRWZIMFAlMkIlMkJJbVo0JTNE&u=CAESEDEXO9pJfEXL5_WjkU8CjcM&gdpr=0&gdpr_consent=&google_cver=1
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=LZs1xF9DTDZHdnRGNEN2ZzRMcG9VWGpxeUVoNTQlMkZMZE8wOUczRWZIMFAlMkIlMkJJbVo0JTNE&u=CAESEDEXO9pJfEXL5_WjkU8CjcM&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Server
2a02:2638:3::3a , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Tue, 27 May 2025 09:26:34 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ssp-sync.criteo.com/user-sync/match?p=LZs1xF9DTDZHdnRGNEN2ZzRMcG9VWGpxeUVoNTQlMkZMZE8wOUczRWZIMFAlMkIlMkJJbVo0JTNE&u=CAESEDEXO9pJfEXL5_WjkU8CjcM&gdpr=0&gdpr_consent=&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
400
date
Tue, 27 May 2025 09:26:34 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
bidder-initiated
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2383888786883828126
0
145 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2383888786883828126
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Server
2a02:2638:3::3a , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
content-length
0
date
Tue, 27 May 2025 09:26:33 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2383888786883828126
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Tue, 27 May 2025 09:26:34 GMT
events
bidder.criteo.com/csm/
0
196 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sub4.mafinet.store/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Fri, 22 May 2026 09:26:34 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Fri, 22 May 2026 09:26:34 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8DADc4nEDyxgYAR1owi6CgRCr6aIvACcABj0APAGwGZ8xcoIQUA5SD7B4ARgDsAFgAcAZm+udOu7GzgBMOKiIMPAAcgCC7DAgnORUcVggtIg2GFAEULR8AEZwLukaUGgp8MbeWAAWIEQEtJTwevWNzZQpgjYQPAR1tIVtWEQYtGCR8OpE5tzqAMIOoCgA5lBEAGohpWuYAFyIOTawQseM8ACiAKpY+xgHsmsoOTEAEveHx-QQYDwXKLRAAyYxgawEQhS2iwiBWIHWFSoIWMnk8zgArO0QPshPAAFZzPgYS7tagwQokdCtVwY7wYrCiFBU1puLy+fyeQKuHwY9wJJmRGkBDGuPQhHQo0yozx6OlhUD7JkwaissEKQRCqg6WGcFC9Gx2CArFweHx+ALuVw83X6oQgYAocRgEhvY1rWqMQVRChYCB1FBgVS4frECAYMA4sgUZkgQqcGBUABmSSIMD9AC8MPAALShPRAA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
events
bidder.criteo.com/csm/
0
196 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sub4.mafinet.store/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://sub4.mafinet.store
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BjMBLCMD2AyUlZgH0BnNGAlAE3gHcBXKCuAaxQa0eABsMBPAWxhQI8DADc4nEDyxgYAR1owi6CgRCr6aIvFGVMM+YuUEIKAcpB9g8AIwB2ACwAOAMwu7ATg8OAbDYBMOKiIMPAAcgCC7DAgnORUkVggtIimGFAEULR8AEZwtkkaUGjx8ACsAAxYABYgRAS0lPBVtfWNqnpCaDwE1bQ5zVhEGLRgIfDqRAbc6gDClqAoAOZQRABq-gVLmABciOmmsEL7jPAAogCqWNsYO7JLKOnhABLXu-v0EGA8J6FhADJDGBLARCeLaLCIBYgZbFKj+HxOJw2SpJbZCeAAKymfAwpyq1BgORI6CadjKLjKWF0JKa9mcbk8Tm8dlcZQc0V0ITJXjKdgq-g8CJ8FURTgqFMCoG2uhg1DpQIUgm5VBsVUQnBQgggpnMEAWtkcrncXgcrPVmu1IGAKHEYBIT31SxcnJQ4woWAg1RQYFUuAgPWUGDAIG2BAoKCIIBynBgVAAZrEiDBPQAvDDwAC0AQqQA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
sync
x.bidswitch.net/ Frame 88B0
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=342
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=V17DmV9qY1QyY3REQVFuYjZuRngxenQlMkZ2OGlZZ0JVcDglMkZYOXFacjFMZzdZYXdSR2lxNWlWS015Qno0amZsQUViZGNGMVZyTmlOcmpYTjF6bkRSQ3NFa2JhSWJabE4wZDBob2dTYzklM...
43 B
183 B
Document
General
Full URL
https://x.bidswitch.net/sync?ssp=criteo&custom_data=V17DmV9qY1QyY3REQVFuYjZuRngxenQlMkZ2OGlZZ0JVcDglMkZYOXFacjFMZzdZYXdSR2lxNWlWS015Qno0amZsQUViZGNGMVZyTmlOcmpYTjF6bkRSQ3NFa2JhSWJabE4wZDBob2dTYzklMkZ5TG8zSTJqeiUyRnJLa2o5N3dXTEdXVlhEeGtoSm5VbU5pJTJCalJsRWU5ZXRpazdtJTJCeVhNaDJha3p1WjFVTnhQcWVMZyUyRlNWZjJad29JS0xaa0xtUDdVQnNLcFFCYzNURQ&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 27 May 2025 09:26:34 GMT
via
1.1 google

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 09:26:34 GMT
location
https://x.bidswitch.net/sync?ssp=criteo&custom_data=V17DmV9qY1QyY3REQVFuYjZuRngxenQlMkZ2OGlZZ0JVcDglMkZYOXFacjFMZzdZYXdSR2lxNWlWS015Qno0amZsQUViZGNGMVZyTmlOcmpYTjF6bkRSQ3NFa2JhSWJabE4wZDBob2dTYzklMkZ5TG8zSTJqeiUyRnJLa2o5N3dXTEdXVlhEeGtoSm5VbU5pJTJCalJsRWU5ZXRpazdtJTJCeVhNaDJha3p1WjFVTnhQcWVMZyUyRlNWZjJad29JS0xaa0xtUDdVQnNLcFFCYzNURQ&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-azK_co4UVmBB6hxOhYJTqyglVogihDM1w80yHA
server
Kestrel
strict-transport-security
max-age=31536000; preload;
sync
ittpx.eskimi.com/ Frame DF98
0
0

/
csync.smilewanted.com/set_partner_userid_get/adaptmx/ Frame B37B
Redirect Chain
  • https://sync.a-mo.net/cchain?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadaptmx%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adaptmx/?gdpr=0
0
58 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adaptmx/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
946478b49e1f1c7d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adaptmx/?gdpr=0
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
cookie_sync
dsp-service.admatic.de/ Frame 7625
2 KB
2 KB
Document
General
Full URL
https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad
Resource Hash
1233577c54f818911b5e16afbaf5bb7c2f30d82a5f3878d24955153105577bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
946478b4ae8c6710-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 27 May 2025 09:26:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28A%2FeoVHBWYBF5fMt%2Bl6yELvQ%2FkuObaPEg9PtYnW8QIwt%2Bj1h0Yt20iGevhCvPjBlqMBvNBxSQJmRk5BiaUUIvhmvvVzGfdQAoIple4wXNwIBDnHVo5fk2a9G7RxW%2F8dzHXl%2FiYNZgQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13698&min_rtt=13157&rtt_var=3274&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4188&recv_bytes=5059&delivery_rate=47956&cwnd=12000&unsent_bytes=0&cid=a931635047e5e31b&ts=48&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
working-app
admanager-report
working-on
admatic-k8s
x-powered-by
Pixad
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BbEBzKBLCMBkpKzAH0BnTGQ9AE3gFYAOGgJhoBZswYBHAVxmIkIR0iPhBCJg8AIwB2FnQDMCmQE4VLAGxSF2ABYhihblXgAGPQaNUKlGFCEQAnoV3cARmezEA9tzABjGHgQSmJ2GAAbbxCAYXFQdDRiADVGaWwUGG8ALn9ve3RYezzbeABRAFUMrOyOFHR8+AA5AAlqnLzuezBHEqCmgBkvGBQRextieGx-eJBEjGpGDTo6KRpzVDsIeAArMMRvUvMAdxg3UiwTGRoFGmwAN3QLk1l5JVU6dRlFVmxbR8CVzUNBkpkYKiWGlMyzophujFwm0eMGOL2GPDsgOoUik0wi6C2QhE-Hi0jkimUwNM1LxBPsIGA6HucFIjTEKB0-3QgXglGwEF06DAlEIeCcJAg3jAm0IlCeIDcERg1AAZiAIsQcBAAF7eeAAWikjFMQA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
cookie_sync
dsp-service.admatic.de/ Frame 9389
3 KB
2 KB
Document
General
Full URL
https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad
Resource Hash
7cc1177ec6eacc4c3ba7b16b8392cd6e72e526bac5a4adcf87a8d64d8aa0d23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
946478b4ce9e6710-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 27 May 2025 09:26:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpZvJ7WvAjZynl3GLiiLngOZI9c32SioAk2jczJ7xIFple5KRJAvtO8hvCTSoSLau%2FUe1Dexoz4C8xdNTOJUqpqN7FLlWoXa%2FodUkRudVm4i9G0dGdXvNxMiGJYtAVQxGPirpTaMawI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13616&min_rtt=13041&rtt_var=2619&sent=14&recv=11&lost=0&retrans=0&sent_bytes=6146&recv_bytes=5102&delivery_rate=48607&cwnd=12000&unsent_bytes=0&cid=a931635047e5e31b&ts=63&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
working-app
admanager-report
working-on
admatic-k8s
x-powered-by
Pixad
bid_empty
events.bouncex.net/track.gif/
42 B
61 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BbEBzKBLCMBkpKzAH0BnTGQ9AE3gFYAOGgJhoBZswYBHAVxmIkIR0iPhBCJg8AIwB2FnQDMCmQE4VLAGxSF2ABYhihblXgAGPQaNUKlGFCEQAnoV3cARmezEA9tzABjGHgQSmJ2GAAbbxCAYXFQdDRiADVGaWwUGG8ALn9ve3RYezzbeABRAFUMrOyOFHR8+AA5AAlqnLzuezBHEqCmgBkvGBQRextieGx-eJBEjGpGDTo6KRpzVDsIeAArMMRvUvMAdxg3UiwTGRoFGmwAN3QLk1l5JVU6dRlFVmxbR8CVzUNBkpkYKiWGlMyzophujFwm0eMGOL2GPDsgOoUgR-gi6C2QhE-Hi0jkimUwNMOOm+K2IGA6HucFIjTEKB0-3QgXglGwEF06DAlEIeCcJAg3jAm0IlCeIDcERg1AAZiAIsQcBAAF7eeAAWhxpiAA
Requested by
Host: sub4.mafinet.store
URL: https://sub4.mafinet.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sub4.mafinet.store/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-envoy-upstream-service-time
2
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
expires
Tue, 01 Jan 2001 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
3f72cd1d-3569-493c-a374-566b4381d12b
csync.smilewanted.com/set_partner_userid_get/admatic/ Frame 6E4B
0
390 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/admatic/3f72cd1d-3569-493c-a374-566b4381d12b
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
946478b4fe551c7d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 09:26:35 GMT
server
cloudflare
vary
Accept-Encoding
cookie.html
static.cdn.admatic.de/ Frame 182E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
b22385208d9a12d092f76ddbd0919e60
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b5f9c17752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ploTISoJL2DNlNFy2dXb0zHe9rqs6GulLiuHrZuknuz5XjAjVLncp61nkl5I5Aroi%2BvdKp3lYzVB8huVy1FTzGlWoqveLVn%2FaOGpxU0r93lWc44rnLxhbw46iKHhPfCltyqxaYswQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13212&min_rtt=13162&rtt_var=2806&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4183&recv_bytes=6116&delivery_rate=47861&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=35&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b59aa93379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mEhJIg%2BdRLNt5HksoUVboihoWSFe77Mk0YcByl5B9ke7AKmSY%2BCGoG0WMXzVU1f6oetTLzSsIlgD2eHYEJrfGOsFElrVo%2F2s06zyi%2FIZpnmaY%2FpyVghnVBXwFygqme8rsob"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie.html
static.cdn.admatic.de/ Frame CFCF
Redirect Chain
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
5e34a0ca58a3ed46448280d631b31f0b
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b639e87752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTkPB2mpdkE0vpWng5YKqznUvHdTDuxv4wsjSW2BupBxuOTRDeTe%2Bb%2BhBAFsFJxjeRhUUWyM%2B8OjeEJp6VgcDf8TFrLhojvEkSpobDORaLs3qdZO73DVqfMnWvyuekzpSLcR1NH9Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15666&min_rtt=13162&rtt_var=4065&sent=22&recv=18&lost=0&retrans=0&sent_bytes=10718&recv_bytes=6854&delivery_rate=420546&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=73&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b61b663379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=794ee8b7-4613-47c3-99f7-8b405a9b4c72
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeEqzlN24XC4BCqq2nNZMK5RgjRyRZnQPsKQq41T6V%2Bf1dFF04GjPu91XvYNH%2B6ptAcNZvLr4qzohhjkZarvgLohAmZ2GEh5bOqyAOGi1Z%2Fls1XrXsTwzbfkt6GF3ftLF7qE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame B147
0
42 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.106 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
cookie.html
static.cdn.admatic.de/ Frame 2581
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.admatic.de/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
  • https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
e20a906859d27a20ab5fa6acdfe9b408
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b609c47752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBCqSaG4n4eLk4K5UygMLXh5gPTB%2FOzKiKdUKVJ6rkEGAxL54IR0BqijmLuHd3fYv51flW%2B2YTTvW8hjLCJJ5jy%2BqjRzhJIKONE2XQy4seos%2FDGksY20zx%2BE9e3qOGVjqIfzSQd5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13212&min_rtt=13162&rtt_var=2806&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5997&recv_bytes=6116&delivery_rate=47861&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=37&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b59aaa3379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=496503ca-d17b-4374-8667-276a048d2f10
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uE1Cb3gi322lzLf%2BwTxRmiwbKxo%2FTN14wSkGT65DHGr0zSR7%2FDAZ4i6CHiGDLAFjlLhheynHmb%2Bla5m07sld3Rb8KCfFjK9kvAcuKEFz6UufacKyhVthtPJJZAai%2FIclkNXf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie.html
static.cdn.admatic.de/ Frame 69A1
Redirect Chain
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D16df66f1-def8-472d-89ab-b0106fd8850f
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
6fd30ba9683fc795663263c8c871c748
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b609c57752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQHRVALkIvjIrCZZSkEe%2F9JeUWlZ9pJmEBYV24eNfrbc7YohkJOen3HoOTZPvGt42GlWbFmwc1TMupEU4ns9OLi2WAc0h3167ItdXkl9hi%2FVO4sC%2Fg5FuQzP9UZ%2BssRftszWt8e6rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13212&min_rtt=13162&rtt_var=2806&sent=17&recv=12&lost=0&retrans=0&sent_bytes=7758&recv_bytes=6116&delivery_rate=47861&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=38&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b59aa73379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=16df66f1-def8-472d-89ab-b0106fd8850f
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BAHqUcfoNV%2BFeZPCDV01YEsQd7GYtTwC0lLfC3uqGEun%2F%2BxQ3OFb71q6Rw7vuGmYQxN8QxWG96pn7YHSXdQZeD%2BaY7OiZjobgjH9eWDZi9MG0WKBZQ12axwVhtrthKANnJJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie.html
static.cdn.admatic.de/ Frame 5517
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.admatic.de/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
  • https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
f6ab4bab6623d5faa1eff5912e3cd90b
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b609c37752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FGCHIZrJGEdpKIbut6VasRlozGG1usedQvGRaTKmUPT3fwV%2Bs%2BFbIvpoL1xradyjFg7fI3%2BQuqIaZn%2BqGhMnDatEu0bdNWFDZvxYLV%2Bn5uiQQVZdSi9RU%2BPW7KzegnAeSd84pA%2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13212&min_rtt=13162&rtt_var=2806&sent=20&recv=12&lost=0&retrans=0&sent_bytes=9539&recv_bytes=6116&delivery_rate=47861&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=39&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b59aa63379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=71ab40f6-fd65-4642-8fe9-686192ce3a88
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZwfmYNqv4oGAQ7FdlG80QrlnlRtI2r2%2BzU1wujlc1P6EJhrrkoIJlXElp6lyGsgRYsXr%2BQvUD49Ak2v84J%2BTAHZz4LCAcQikiSVvo6F0Trm%2BDXRbVfWxNdvdL3nZ4aY8WrN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie.html
static.cdn.admatic.de/ Frame EAAB
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
1 KB
0
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
b22385208d9a12d092f76ddbd0919e60
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b5f9c17752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ploTISoJL2DNlNFy2dXb0zHe9rqs6GulLiuHrZuknuz5XjAjVLncp61nkl5I5Aroi%2BvdKp3lYzVB8huVy1FTzGlWoqveLVn%2FaOGpxU0r93lWc44rnLxhbw46iKHhPfCltyqxaYswQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13212&min_rtt=13162&rtt_var=2806&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4183&recv_bytes=6116&delivery_rate=47861&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=35&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b59aa93379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mEhJIg%2BdRLNt5HksoUVboihoWSFe77Mk0YcByl5B9ke7AKmSY%2BCGoG0WMXzVU1f6oetTLzSsIlgD2eHYEJrfGOsFElrVo%2F2s06zyi%2FIZpnmaY%2FpyVghnVBXwFygqme8rsob"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame 3756
0
39 B
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.106 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
cookie.html
static.cdn.admatic.de/ Frame 6942
Redirect Chain
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
1 KB
2 KB
Document
General
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadmatic_autres%2F%24%7BUSER_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
05/27/2025 07:53:53
cdn-edgestorageid
874
cdn-fileserver
988
cdn-proxyver
1.28
cdn-pullzone
2526898
cdn-requestcountrycode
US
cdn-requestid
250a58835b2f693fb85cd328ea419009
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
200
cdn-storageserver
DE-638
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
946478b68a237752-AMS
content-encoding
br
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BnTxXquEe6HtOkUcz6JIj%2F%2FS7dZq8pISZq92W6KmCMmAszG4%2FuM%2FPn8TWXOQk1T0FMMp8f4E%2BYzMG4n4Jj7sRybybBw7zIkroo4NzIA2BlpHZIHEQFxJ3UBHPW4dDgbTfZrltf4oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16057&min_rtt=13162&rtt_var=3872&sent=26&recv=20&lost=0&retrans=0&sent_bytes=13110&recv_bytes=7754&delivery_rate=84208&cwnd=12000&unsent_bytes=0&cid=a8474a47d4e38c34&ts=120&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
946478b66c043379-AMS
content-length
167
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 10:26:35 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=17f6fe87-ef3e-4397-a1d7-3eda26291ea0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rk6Vmi%2FNBEqze9GBp747Zk8lVWjVWDluHVXXTqcScG%2BJlCKMzXvDYHKOxj3FO8v0R2OW6ryEAuLZloDqZNCYcOe4PhkVooxtkA87VQobi7FlUCAGA3FW2rtxsfWTMHeKY3q"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
getuid
secure.adnxs.com/ Frame 0C00
146 B
296 B
Document
General
Full URL
https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID?gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
146
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
server
nginx/1.23.4
x-proxy-origin
185.65.134.154; 185.65.134.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 4BB6
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-137.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
NZG86ZPBK1VYH9GPTDFP
Content-Length
43
Date
Tue, 27 May 2025 09:26:35 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
getuid
ib.adnxs.com/ Frame 4BB6
0
0

713074.gif
id.rlcdn.com/ Frame 4BB6
0
98 B
Image
General
Full URL
https://id.rlcdn.com/713074.gif?
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
/
s.ad.smaato.net/c/ Frame 4BB6
0
66 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001980&dspCookie=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&gdpr=&gdpr_consent=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.242.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.242.1.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
date
Tue, 27 May 2025 09:26:35 GMT
cache-control
no-cache, must-revalidate
generic
match.adsrvr.org/track/cmf/ Frame 4BB6
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=g6nxmp9&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

content-length
70
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
server
Kestrel
159
match.deepintent.com/usersync/ Frame 4BB6
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/159
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

date
Tue, 27 May 2025 09:26:35 GMT
server
a
content-length
0
/
b1sync.zemanta.com/usersync/inmobi/ Frame 4BB6
26 B
200 B
Image
General
Full URL
https://b1sync.zemanta.com/usersync/inmobi/?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&cb=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D210%26dspUserId%3D__ZUID__&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
26
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
sync
x.bidswitch.net/ Frame 4BB6
43 B
92 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=aerserv&user_id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&gdpr=&gdpr_pd=&gdpr_consent=&us_privacy=&expires=30
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
current
inmobi-match.dotomi.com/match/bounce/ Frame 4BB6
0
104 B
Image
General
Full URL
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&nuid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
date
Tue, 27 May 2025 09:26:35 GMT
pragma
no-cache
server
nginx
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3535&partner_device_id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&partner_url=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D877%26dspUserI...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3535&partner_device_id=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&partner_url=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D877%26ds...
  • https://sync.inmobi.com/setuid?bidderID=877&dspUserId=f1ef5630-6af7-468d-a76e-c7474870ad61
0
40 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=877&dspUserId=f1ef5630-6af7-468d-a76e-c7474870ad61
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

strict-transport-security
max-age=31536000
location
https://sync.inmobi.com/setuid?bidderID=877&dspUserId=f1ef5630-6af7-468d-a76e-c7474870ad61
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
server
Jetty(11.0.25)
a184e2218ea9f18e32c70fb304405e72.gif
sync.e-volution.ai/ Frame 4BB6
60 B
60 B
Image
General
Full URL
https://sync.e-volution.ai/a184e2218ea9f18e32c70fb304405e72.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D957%26dspUserId%3D%5BUID%5D&gdpr=&gdpr_consent=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.227.144.189 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS Serverel Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

Content-Length
60
Date
Tue, 27 May 2025 09:26:35 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
ImgSync
image8.pubmatic.com/AdServer/ Frame 4BB6
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157097&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157097%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.inmobi.com%252Fsetuid%253FbidderID%253D76%2526dspUserId%253D%2523PMUID
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.106 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

date
Tue, 27 May 2025 09:26:35 GMT
content-length
0
inmslw82.gif
us.ck-ie.com/ Frame 4BB6
0
129 B
Image
General
Full URL
https://us.ck-ie.com/inmslw82.gif?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3DID5-893%26dspUserId%3D%7B%24PARTNER_UID%7D
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

Date
Tue, 27 May 2025 09:26:35 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871903319744&gdpr=&consent=&us_privacy=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=38c0037af9b05c4f&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub6871903319744
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub6871903319744
  • https://sync.inmobi.com/setuid?bidderID=1135&dspUserId=OPU80610b2a768f4e86a710d02b4eef2675
0
40 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=1135&dspUserId=OPU80610b2a768f4e86a710d02b4eef2675
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:37 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://sync.inmobi.com/setuid?bidderID=1135&dspUserId=OPU80610b2a768f4e86a710d02b4eef2675
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
content-length
117
date
Tue, 27 May 2025 09:26:37 GMT
content-type
text/html; charset=utf-8
server
Tengine
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://cs.admanmedia.com/e03deca3316b700a1ce99c41e324fd03.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D149%26dspUserId%3D%5BUID%5D&...
  • https://sync.inmobi.com/setuid?bidderID=149&dspUserId=0cd10797-5c6c-4e2f-9e0e-84b82957517b
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=149&dspUserId=0cd10797-5c6c-4e2f-9e0e-84b82957517b
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

expires
0
cache-control
no-cache, no-store, must-revalidate
location
https://sync.inmobi.com/setuid?bidderID=149&dspUserId=0cd10797-5c6c-4e2f-9e0e-84b82957517b
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
pragma
no-cache
server
nginx
user-sync
sync.adkernel.com/ Frame 4BB6
22 B
22 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=147857&t=image&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D1029%26dspUserId%3D%7BUID%7D
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.67.200.72 Singapore, Singapore, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
1.cpm.ams1.wowcon.net
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

Cache-Control
no-store
Content-Length
22
Date
Tue, 27 May 2025 09:26:35 GMT
Server
nginx
Connection
close
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://sync.1rx.io/usersync2/inmobi&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync2/inmobi?zcc=1&cb=1748337995238
  • https://ad.turn.com/r/cs?pid=45&id=RX-90019724-60a9-410d-a78f-78362d62aeec-003&rndcb=1961526472
  • https://sync.1rx.io/usersync/turn/2383888786883828126?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-90019724-60a9-410d-a78f-78362d62aeec-003?redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D23%26dspUserId%3DRX-90019724-60a9-410d-a78f-78362d...
  • https://sync.inmobi.com/setuid?bidderID=23&dspUserId=RX-90019724-60a9-410d-a78f-78362d62aeec-003
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=23&dspUserId=RX-90019724-60a9-410d-a78f-78362d62aeec-003
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

location
https://sync.inmobi.com/setuid?bidderID=23&dspUserId=RX-90019724-60a9-410d-a78f-78362d62aeec-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Tue, 27 May 2025 09:26:35 GMT
etag
RX9001972460a9410da78f78362d62aeec003
content-type
text/html
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://csync.loopme.me/?pubid=9724&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D109%26dspUserId%3D%7Bviewer_token%7D
  • https://sync.inmobi.com/setuid?bidderID=109&dspUserId=039a9d20-ea95-4a5e-9e19-9a581f5a27c4&gdpr_consent=null&gdpr=null
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=109&dspUserId=039a9d20-ea95-4a5e-9e19-9a581f5a27c4&gdpr_consent=null&gdpr=null
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

location
https://sync.inmobi.com/setuid?bidderID=109&dspUserId=039a9d20-ea95-4a5e-9e19-9a581f5a27c4&gdpr_consent=null&gdpr=null
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
server
_
4831fbf13dd518a56346a6e0ec8ba9d5.gif
cs.krushmedia.com/ Frame 4BB6
0
98 B
Image
General
Full URL
https://cs.krushmedia.com/4831fbf13dd518a56346a6e0ec8ba9d5.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D1315%26dspUserId%3D%5BUID%5D&gdpr=&gdpr_consent=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.77.82.130 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

Date
Tue, 27 May 2025 09:26:40 GMT
Server
nginx
Connection
close
inm
match.prod.bidr.io/cookie-sync/ Frame 4BB6
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/inm
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.210.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-210-2.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Tue, 27 May 2025 09:26:35 GMT
content-type
image/gif
Server
gunicorn
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=138&gdpr=&gdpr_consent=
  • https://sync.inmobi.com/setuid?bidderID=238&dspUserId=zqCThSLLW2hhc3sYJKLtzblBhpo
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=238&dspUserId=zqCThSLLW2hhc3sYJKLtzblBhpo
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

Location
https://sync.inmobi.com/setuid?bidderID=238&dspUserId=zqCThSLLW2hhc3sYJKLtzblBhpo
Content-Length
108
Date
Tue, 27 May 2025 09:26:35 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://sync.clearnview.com/redirect?gdpr=&gdpr_consent=&usp_consent=&pubid=17&pubuid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D869%26d...
  • https://sync.inmobi.com/setuid?bidderID=869&dspUserId=cb3c4368-ec66-5272-aaff-d7da37a168dd
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=869&dspUserId=cb3c4368-ec66-5272-aaff-d7da37a168dd
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

Transfer-Encoding
chunked
Location
https://sync.inmobi.com/setuid?bidderID=869&dspUserId=cb3c4368-ec66-5272-aaff-d7da37a168dd
Keep-Alive
timeout=5
Date
Tue, 27 May 2025 09:26:35 GMT
Connection
keep-alive
/
s.ad.smaato.net/c/ Frame 4BB6
0
13 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=inmobi&gdpr=&gdpr_consent=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.242.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.242.1.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
date
Tue, 27 May 2025 09:26:35 GMT
cache-control
no-cache, must-revalidate
inmobi
tr.blismedia.com/v1/api/sync/ Frame 4BB6
0
170 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/inmobi?gdpr_consent=&gdpr=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
date
Tue, 27 May 2025 09:26:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://cs.playdigo.com/dd3f91b3168664e47ebd1aec9512abd4.gif?puid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D1302%26dspUserId%3D%5BUID%5D&g...
  • https://sync.inmobi.com/setuid?bidderID=1302&dspUserId=3b0bce33-4fa2-4e4b-a59e-a2c9ba2b7655
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=1302&dspUserId=3b0bce33-4fa2-4e4b-a59e-a2c9ba2b7655
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Location
https://sync.inmobi.com/setuid?bidderID=1302&dspUserId=3b0bce33-4fa2-4e4b-a59e-a2c9ba2b7655
Pragma
no-cache
Connection
keep-alive
Expires
0
Keep-Alive
timeout=5
Content-Length
0
Date
Tue, 27 May 2025 09:26:35 GMT
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=inmobi&gdpr=&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=inmobi&gdpr=&gdpr_consent=&tc=1
  • https://sync.inmobi.com/setuid?bidderID=16&dspUserId=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=inmobi&gdpr=&gdpr_consent=&tc=1
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=16&dspUserId=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=inmobi&gdpr=&gdpr_consent=&tc=1
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:34 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://sync.inmobi.com/setuid?bidderID=16&dspUserId=PwHe2vW2r7aTMJhPjOWxR7QnCuPAhnqZoEqChPGjaUs&pi=inmobi&gdpr=&gdpr_consent=&tc=1
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT, Tue, 27 May 2025 09:26:35 GMT
pragma
no-cache
vary
Accept-Encoding
setuid
sync.inmobi.com/ Frame 4BB6
Redirect Chain
  • https://tracker-shr.ortb.net/sync?id=1&uid=ID5-8-cbf3cb3d-025f-43ec-95f1-4b95094a86ca
  • https://sync.inmobi.com/setuid?bidderID=276&dspUserId=b3f426e6-7ae7-e815-890e-3be35bd48b61
0
17 B
Image
General
Full URL
https://sync.inmobi.com/setuid?bidderID=276&dspUserId=b3f426e6-7ae7-e815-890e-3be35bd48b61
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Server
35.212.104.44 Washington, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
44.104.212.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

via
1.1 google
content-length
0
date
Tue, 27 May 2025 09:26:35 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

access-control-max-age
3600
location
https://sync.inmobi.com/setuid?bidderID=276&dspUserId=b3f426e6-7ae7-e815-890e-3be35bd48b61
access-control-allow-credentials
true
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
permissions-policy
browsing-topics=()
access-control-allow-origin
*
content-length
106
content-type
text/plain; charset=utf-8
access-control-allow-headers
*
sync
ittpx.eskimi.com/ Frame 4BB6
43 B
175 B
Image
General
Full URL
https://ittpx.eskimi.com/sync?sp_id=64&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.40.16.220 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.220.16.40.188.clients.your-server.de
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

date
Tue, 27 May 2025 09:26:34 GMT
content-type
image/gif
x-empty-response-reason
No GDPR consent (nl: 185.65.134.154)
pixel
ap.lijit.com/ Frame 4BB6
0
193 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3D13%26dspUserId%3D%24UID
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.213.252.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-252-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sync.inmobi.com/

Response headers

access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-origin
*
date
Tue, 27 May 2025 09:26:35 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 65D6
20 KB
7 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159035&gdpr=&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fsync.inmobi.com%2Fsetuid%3FbidderID%3DID5-SEA-76%26dspUserId%3D(PM_UID)
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-185-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://sync.inmobi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=20798
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
expires
Tue, 27 May 2025 15:13:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 46BD
269 B
379 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=inmobi&endpoint=us-east
Requested by
Host: sync.inmobi.com
URL: https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=8&google_push=&retry=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://sync.inmobi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 27 May 2025 09:26:35 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
sync.php
pixel.rubiconproject.com/exchange/ Frame 3C14
0
0
Document
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b510f0cc5fcbc9800016ef543086418
usync.js
eus.rubiconproject.com/ Frame 46BD
44 KB
0
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=inmobi&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
7b230772796291d29a31c3fb51dc288307930477a442296c33aa21cdce751bb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=inmobi&endpoint=us-east

Response headers

cache-control
max-age=79143
content-encoding
gzip
expires
Wed, 28 May 2025 07:25:32 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11387
date
Tue, 27 May 2025 09:26:29 GMT
last-modified
Tue, 27 May 2025 07:25:32 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 46BD
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/