urlscan.io logo urlscan.io
SecurityTrails logo

www.ndtv.com Open in urlscan Pro
2a02:26f0:6c00:2bd::24e8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/EPE1QIG4we
Effective URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-re...
Submission: On April 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 8 countries across 66 domains to perform 417 HTTP transactions. The main IP is 2a02:26f0:6c00:2bd::24e8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.ndtv.com. The Cisco Umbrella rank of the primary domain is 45625.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 10th 2022. Valid for: a year.
This is the only time www.ndtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
25 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 2606:2800:234... 15133 (EDGECAST)
1 142.250.184.194 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
4 2.20.157.2 16625 (AKAMAI-AS)
4 108.138.3.177 16509 (AMAZON-02)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 13.32.99.90 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a04:4e42:200... 54113 (FASTLY)
5 104.244.42.8 13414 (TWITTER)
4 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 41 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
3 51.124.210.81 8075 (MICROSOFT...)
5 23.97.225.52 8075 (MICROSOFT...)
1 4 2620:116:800d... 16509 (AMAZON-02)
3 104.92.100.195 16625 (AKAMAI-AS)
1 23.35.229.56 16625 (AKAMAI-AS)
4 35.244.159.8 15169 (GOOGLE)
1 185.64.189.112 ()
2 2602:803:c004... 26667 (RUBICONPR...)
3 12 37.252.173.62 29990 (ASN-APPNEX)
1 2600:9000:211... 16509 (AMAZON-02)
2 2606:2800:134... 15133 (EDGECAST)
2 104.244.43.131 54113 (FASTLY)
13 2606:2800:134... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 23.205.235.133 16625 (AKAMAI-AS)
2 151.101.65.108 54113 (FASTLY)
3 10 2.20.157.55 16625 (AKAMAI-AS)
26 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
24 2a00:1450:400... 15169 (GOOGLE)
1 2 209.54.177.54 16509 (AMAZON-02)
2 4 35.71.131.137 16509 (AMAZON-02)
1 54.194.75.122 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 3.70.4.136 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
1 51.89.21.21 16276 (OVH)
2 3 34.249.222.239 16509 (AMAZON-02)
1 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
3 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
12 52.202.68.121 14618 (AMAZON-AES)
1 3.232.80.154 14618 (AMAZON-AES)
1 8.28.7.92 62713 (AS-PUBMATIC)
2 2 213.19.147.45 3356 (LEVEL3)
1 44.194.158.136 14618 (AMAZON-AES)
1 3.126.56.137 16509 (AMAZON-02)
1 5 51.89.9.253 16276 (OVH)
1 3 198.47.127.19 3257 (GTT-BACKB...)
4 52.28.203.152 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.6 15169 (GOOGLE)
4 142.250.185.66 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 141.148.45.191 31898 (ORACLE-BM...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.193.173.189 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 185.86.138.121 201081 (SMARTADSE...)
1 178.128.135.80 14061 (DIGITALOC...)
1 34.107.148.139 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 147.75.38.124 54825 (PACKET)
1 52.59.116.64 16509 (AMAZON-02)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 178.250.2.131 44788 (ASN-CRITE...)
2 2a02:2638:1::3 ()
1 2 2a02:2638:1::13 ()
1 178.250.2.146 ()
4 5 37.157.2.237 ()
3 3 216.200.232.249 ()
4 104.36.113.107 ()
2 2 213.155.156.184 ()
5 185.64.189.110 ()
1 1 178.250.2.151 ()
1 104.36.113.24 ()
3 3 51.79.83.225 ()
1 2 2606:4700:10:... ()
1 169.50.137.182 ()
1 66.155.71.25 ()
1 1 2600:9000:225... ()
1 2a00:1450:400... ()
417 98
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
25    2a02:26f0:6c00:2bd::24e8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.ndtv.com
cdn.ndtv.com
i.ndtvimg.com
c.ndtvimg.com
8    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
1    2a02:26f0:f7:1a0::24e8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
alerts.ndtv.com
4    2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    2606:4700:4400::ac40:99f7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adpushup.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
02179916.akstat.io
8    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a02:26f0:6c00:292::24e8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
wapi.ndtv.com
2    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
5    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
11    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
41    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads4.g.doubleclick.net
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:f7:181::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
3    51.124.210.81 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
5    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ndtv-d.openx.net
u.openx.net
adpushup-d.openx.net
1    185.64.189.112 (None, )

ASN- ()
hbopenbid.pubmatic.com
2    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2600:9000:2118:9000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
2    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
13    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
26    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
24    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    54.194.75.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-75-122.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.70.4.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-4-136.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
20    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
3    34.249.222.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-222-239.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
1    2a02:26f0:b600:188::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
3    2a02:26f0:b600:19b::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
12    52.202.68.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-68-121.compute-1.amazonaws.com
track1.aniview.com
1    3.232.80.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-80-154.compute-1.amazonaws.com
go1.aniview.com
1    8.28.7.92 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    44.194.158.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-158-136.compute-1.amazonaws.com
sync.aniview.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
7    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
12    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4007:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:400e:4f::a (Ireland)

ASN15169 (GOOGLE, US)
rr5---sn-5hne6nsz.googlevideo.com
1    172.217.16.6 (United States)

ASN15169 (GOOGLE, US)
PTR: mil02s06-in-f6.1e100.net
ad.doubleclick.net
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
1    2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
1    2a00:1450:400c:c07::65 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
2    141.148.45.191 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
adpush.technoratimedia.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    18.193.173.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-173-189.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.59.116.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2a02:2638:1::3 (None, )

ASN- ()
static.criteo.net
2    2a02:2638:1::13 (None, )

ASN- ()
gum.criteo.com
1    178.250.2.146 (None, )

ASN- ()
mug.criteo.com
5    37.157.2.237 (None, )

ASN- ()
c1.adform.net
3    216.200.232.249 (None, )

ASN- ()
sync.mathtag.com
4    104.36.113.107 (None, )

ASN- ()
simage2.pubmatic.com
2    213.155.156.184 (None, )

ASN- ()
d5p.de17a.com
5    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    104.36.113.24 (None, )

ASN- ()
image4.pubmatic.com
3    51.79.83.225 (None, )

ASN- ()
pixel.onaudience.com
2    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.182 (None, )

ASN- ()
um.simpli.fi
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
1    2600:9000:225e:9400:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
1    2a00:1450:4001:808::200a (None, )

ASN- ()
ajax.googleapis.com
Apex Domain
Subdomains		 Transfer
57 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
pubads.g.doubleclick.net — Cisco Umbrella Rank: 487
ad.doubleclick.net — Cisco Umbrella Rank: 196
googleads4.g.doubleclick.net
245 KB
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
ade.googlesyndication.com — Cisco Umbrella Rank: 271
606 KB
29 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 624
syndication.twitter.com — Cisco Umbrella Rank: 891
814 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
443 KB
19 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com
t.pubmatic.com — Cisco Umbrella Rank: 4364
image6.pubmatic.com — Cisco Umbrella Rank: 622
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com Failed
168 KB
18 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 9387
player.aniview.com — Cisco Umbrella Rank: 2009
track1.aniview.com — Cisco Umbrella Rank: 1962
go1.aniview.com — Cisco Umbrella Rank: 4795
sync.aniview.com — Cisco Umbrella Rank: 2806
222 KB
17 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1480
abs-0.twimg.com — Cisco Umbrella Rank: 2700
pbs.twimg.com — Cisco Umbrella Rank: 664
217 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
2 KB
15 ndtv.com
www.ndtv.com — Cisco Umbrella Rank: 45625
cdn.ndtv.com — Cisco Umbrella Rank: 63591
alerts.ndtv.com — Cisco Umbrella Rank: 68335
wapi.ndtv.com — Cisco Umbrella Rank: 94972
195 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
acdn.adnxs.com — Cisco Umbrella Rank: 597
45 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 11566
aplogger.adpushup.com — Cisco Umbrella Rank: 11990
e3.adpushup.com — Cisco Umbrella Rank: 15103
336 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
501 KB
12 gstatic.com
fonts.gstatic.com
csi.gstatic.com
127 KB
12 ndtvimg.com
i.ndtvimg.com — Cisco Umbrella Rank: 65151
c.ndtvimg.com — Cisco Umbrella Rank: 31452
308 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 463
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
11 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
imasdk.googleapis.com — Cisco Umbrella Rank: 417
ajax.googleapis.com
1 MB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
ssl.google-analytics.com — Cisco Umbrella Rank: 279
73 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1137
2 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com — Cisco Umbrella Rank: 567
token.rubiconproject.com — Cisco Umbrella Rank: 675
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1106
13 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
42 KB
5 adform.net
c1.adform.net
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 758
gum.criteo.com
mug.criteo.com
dis.criteo.com
7 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 860
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
2 KB
4 openx.net
ndtv-d.openx.net — Cisco Umbrella Rank: 86469
u.openx.net — Cisco Umbrella Rank: 709
adpushup-d.openx.net — Cisco Umbrella Rank: 12654
786 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 975
pixel.quantserve.com — Cisco Umbrella Rank: 423
21 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
sync.crwdcntrl.net
951 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
101 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
2 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
904 B
2 de17a.com
d5p.de17a.com
637 B
2 criteo.net
static.criteo.net
62 KB
2 technoratimedia.com
adpush.technoratimedia.com — Cisco Umbrella Rank: 24274
431 B
2 googlevideo.com
rr5---sn-5hne6nsz.googlevideo.com — Cisco Umbrella Rank: 57040
545 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 542
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 723
2 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 647
59 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1272
c.go-mpulse.net — Cisco Umbrella Rank: 558
48 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
115 KB
1 smaato.net
s.ad.smaato.net
443 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 simpli.fi
um.simpli.fi
610 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
741 B
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1077
112 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
345 B
1 connectad.io
i.connectad.io — Cisco Umbrella Rank: 6894
316 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
903 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3253
982 B
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1356
334 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4167
401 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
2 KB
1 youtube.com
s.youtube.com — Cisco Umbrella Rank: 581
1 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 7695
601 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
530 B
1 akstat.io
02179916.akstat.io — Cisco Umbrella Rank: 54482
200 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 2914
444 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
220 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 903
345 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1209
246 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 656
326 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
17 KB
1 t.co
t.co — Cisco Umbrella Rank: 476
584 B
417 66
Domain Requested by
26 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ndtv.com
srcdoc
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ndtv.com
cdn.ampproject.org
imasdk.googleapis.com
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
s0.2mdn.net
24 platform.twitter.com www.ndtv.com
platform.twitter.com
20 cdn.ampproject.org securepubads.g.doubleclick.net
17 cm.g.doubleclick.net 9 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.ndtv.com
t.co
14 googleads.g.doubleclick.net www.googleadservices.com
www.ndtv.com
player.aniview.com
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
t.co
13 pbs.twimg.com platform.twitter.com
12 s0.2mdn.net imasdk.googleapis.com
t.co
s0.2mdn.net
12 track1.aniview.com www.ndtv.com
player.aniview.com
12 ib.adnxs.com 3 redirects ads.pubmatic.com
acdn.adnxs.com
player.aniview.com
cdn.adpushup.com
googleads.g.doubleclick.net
11 c.ndtvimg.com
11 www.google.com 4 redirects www.ndtv.com
tpc.googlesyndication.com
9 cdn.ndtv.com www.ndtv.com
8 fonts.gstatic.com fonts.googleapis.com
8 www.google-analytics.com www.ndtv.com
www.google-analytics.com
www.googletagmanager.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
6 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
5 image2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 onetag-sys.com 1 redirects player.aniview.com
cdn.adpushup.com
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
5 e3.adpushup.com www.ndtv.com
5 syndication.twitter.com platform.twitter.com
5 cdn.adpushup.com www.ndtv.com
cdn.adpushup.com
t.co
4 simage2.pubmatic.com ads.pubmatic.com
4 ade.googlesyndication.com
4 csi.gstatic.com imasdk.googleapis.com
4 c2shb.pubgw.yahoo.com player.aniview.com
4 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 c.amazon-adsystem.com www.ndtv.com
c.amazon-adsystem.com
4 ads.pubmatic.com www.ndtv.com
player.aniview.com
ads.pubmatic.com
4 www.ndtv.com t.co
www.ndtv.com
3 pixel.onaudience.com 3 redirects
3 sync.mathtag.com 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 player.aniview.com tg1.aniview.com
player.aniview.com
3 htlb.casalemedia.com ads.pubmatic.com
cdn.adpushup.com
3 aplogger.adpushup.com www.ndtv.com
3 www.googletagservices.com www.ndtv.com
securepubads.g.doubleclick.net
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects www.ndtv.com
2 googleads4.g.doubleclick.net t.co
2 sync.crwdcntrl.net 2 redirects
2 d5p.de17a.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 adpushup-d.openx.net cdn.adpushup.com
2 adpush.technoratimedia.com cdn.adpushup.com
2 rr5---sn-5hne6nsz.googlevideo.com 1 redirects
2 sync.1rx.io 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 acdn.adnxs.com ads.pubmatic.com
player.aniview.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 adservice.google.de securepubads.g.doubleclick.net
2 abs-0.twimg.com platform.twitter.com
2 cdn.syndication.twimg.com platform.twitter.com
2 pixel.quantserve.com 1 redirects www.ndtv.com
2 fastlane.rubiconproject.com ads.pubmatic.com
cdn.adpushup.com
2 secure.quantserve.com cdn.adpushup.com
2 www.google.de www.ndtv.com
2 code.jquery.com cdn.adpushup.com
2 www.googletagmanager.com www.ndtv.com
www.googletagmanager.com
2 fonts.googleapis.com www.ndtv.com
securepubads.g.doubleclick.net
1 ajax.googleapis.com s0.2mdn.net
1 s.ad.smaato.net 1 redirects
1 pixel-sync.sitescout.com 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 mug.criteo.com
1 bidder.criteo.com cdn.adpushup.com
1 ap.lijit.com cdn.adpushup.com
1 btlr.sharethrough.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 i.connectad.io cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 e.serverbid.com cdn.adpushup.com
1 prg.smartadserver.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 s.youtube.com
1 api.fouanalytics.com player.aniview.com
1 ad.doubleclick.net
1 ups.analytics.yahoo.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 t.pubmatic.com ads.pubmatic.com
1 go1.aniview.com player.aniview.com
1 tg1.aniview.com securepubads.g.doubleclick.net
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 02179916.akstat.io s.go-mpulse.net
1 cm.ctnsnet.com 1 redirects
1 x.bidswitch.net ssum-sec.casalemedia.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 u.openx.net ads.pubmatic.com
1 rules.quantcount.com secure.quantserve.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
cdn.adpushup.com
1 ndtv-d.openx.net ads.pubmatic.com
1 a.teads.tv ads.pubmatic.com
1 c.go-mpulse.net s.go-mpulse.net
1 stats.g.doubleclick.net www.google-analytics.com
1 trc.taboola.com www.ndtv.com
1 wapi.ndtv.com www.ndtv.com
1 s.go-mpulse.net www.ndtv.com
1 ssl.google-analytics.com www.ndtv.com
1 alerts.ndtv.com www.ndtv.com
1 www.googleadservices.com www.ndtv.com
1 i.ndtvimg.com www.ndtv.com
1 t.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
417 119
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
ndtv.com
DigiCert SHA2 Secure Server CA		 2022-02-10 -
2023-02-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-22 -
2022-06-21		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
e.serverbid.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 46 frames:

Primary Page: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Frame ID: 437291AF141B4E1A6FB260A0C1DA4CAE
Requests: 171 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Frame ID: A5F6FCE64568F81041E03B48215D3C9C
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.ndtv.com
Frame ID: 2888650D3A9710320D5A4298485FF9DB
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Frame ID: A737CAF9954182A89ED232FC06A1A35E
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Frame ID: 78E41EDF90ABBAE3861C2F1964D69D72
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 46BE5ACA0532E291A5F06B6B00BBC58C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8A909F623C50DADE6519E99515488FFF
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D3B06F25878473397057637D83BAB45
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0DFFFD106A0BFD3BEBD448DB55696B4A
Requests: 1 HTTP requests in this frame

Frame: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7FA965F3CA02E2A4C4DF5263D4593A5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6A0393818EEDC2611CF2EA7F3D51A423
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 237E8533B031E99D6ABE4E093559199E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CDF51E673BD62176B28AB070BD0576B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 3DD1297D95AE49954019E849ACBDAE12
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: AD47C963AF5817AFC344A473ABE9E2AB
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: A6D55A15564A1318487AA0D4B030E049
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 22077FD550DF1B69A2387BF5A658C0CA
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyyhespPS3T1X1NfKG3BpCPsegM0OF9lcu7WqbsdhI4du3Aq-olU6RCGKv8K4ai9lSbziYyWhj5tUFjDxR4Ah1GVZtSXs50NHOHksAAV9640BlD3v_D25TNJGmlfue50hsI6BNaSKUDgc4IUJtMd4_sqM0yCtFdXmtMA40D9wlAqVtLFw0R6H6KRXjsRRKIv-Rp2Cip6YubN-4EH9-6yB-ztyedGs5GmINYxcMTfbY8fxO6KeoX6gzHazVX9SRbJvc-ooggo1HQ9O_w7r5Dwy5IPosD5pNKW6HPc3g1n7G4wSUv9OSCvd2BUTF1yfQ2HkFzL3mowH6I6kV&sig=Cg0ArKJSzO6RfJ9CYztwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 48CCAB0A849F67F7EDA71A5AA06AD368
Requests: 6 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Frame ID: A1FBF8F05868AB9AB06301F99C845F6C
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D1%26key%3D
Frame ID: AB8936BD39D0DC5ADB459DFD645B59A7
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1650283093008-912834300205-005476-003-004954&biddername=200&key=OPTOUT
Frame ID: 470C6756DF70857141B541BDA3C479CB
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 84639AAE9AAF95941C167C07C6B61B11
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: CB3D794C8BAF820F3CDAC2C8A2D3E363
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: 17BBBB1852AF3DB73E1DD95C99E48F61
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: EC8FD629F7A67C898A50335BBA11ACA5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: 5CE46A2F41B3D20D19F08368F39B771E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 99E836D8FC33577C9FC7B1A70BA4CA7C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 72707041CED5C261431E3D679CBD6000
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B5B1B9E161B395D12B423AE48A57727
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 76D8ACDD9B229FD786B31E489529FE85
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 91F7712B39289EFA02EBD7C580DFFE79
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: 7E90722490D996956F7AF75C930914D6
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 245D1330B188F09467BA9E757621968E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: AA27909167C74FAC5D79FDB9290454F1
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ndtv.com
Frame ID: 36498E96093B1F400B3A1512E6EC7D04
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 217BF7F6BDC3EBA878855051A2EAC87D
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
Frame ID: 24590D57296C7A54ED71A61931BA70F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee2a625d-525c-4a00-97d2-33eb680670ee&gdpr=0&gdpr_consent=
Frame ID: D8FA9EC1A984914ED94F29133DF7226D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3237071030811823122
Frame ID: 9D3B88FCE7B62D1CC4C187A2A245C9D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 099138545AECC49D65429D93B9D1B7CD
Requests: 1 HTTP requests in this frame

Frame: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 260366AACEAE6A338CE31AF7C8F3C939
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Frame ID: 0F8C97DADEFCB5FE910B99D82862046C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07200ED80484D9E0C575CAE53DCB989B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 551CB1ABDE91F8C52C6EF055513AD9E5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
Frame ID: C864AAD83224F1802ED8247F1FB69627
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 0396DA624BF2B82F4A6A9BD8822ECC50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Western Hackers Used Russia's Own Ransomware Against It In Cyberattack on Roscosmos: ReportlivetvarrowprintemailchatlinkedinredditWhatsAppfacebooktwittermorenotificationsearchsnapchatkoo

Page URL History Show full URLs

  1. https://t.co/EPE1QIG4we Page URL
  2. https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

417
Requests

88 %
HTTPS

44 %
IPv6

66
Domains

119
Subdomains

98
IPs

8
Countries

6516 kB
Transfer

16347 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/EPE1QIG4we Page URL
  2. https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://sb.scorecardresearch.com/b?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&c9=https%3A%2F%2Ft.co%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&c9=https%3A%2F%2Ft.co%2F
Request Chain 127
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 129
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 131
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB&dcc=t
Request Chain 133
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1SU2bP0H8x5hwEskKzKAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAadR-LpCPO7jJ14yG7Udqk&google_cver=1&gdpr=1
Request Chain 138
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a8f9be90d8ac495d8dc6ccb57a7dd058&expiration=1652875091
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 175
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 189
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 202
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1650283093126 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1650283093008-912834300205-005476-003-004954&biddername=200&key=OPTOUT
Request Chain 277
  • https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&mh=QK&mm=31&mn=sn-5hne6nsz&ms=au&mv=m&mvi=5&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&mt=1650282797&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgDuJ1mLRw0Ra7Q8no24B-Lf0EAdjZJXd_PYQNAlOxoq4CICIJc8GGQ8_Duzh06_NKG590vIeWGr4CmWwA-gnOnpVz&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgDeimc-kaSE-gm44qFny-mMt95SeWJ3himehTVQhjDikCIQDBke0AENPEmKsufnchW1ZnG-L5ljbSe5nIhjk5wFQcFw==&cpn=jwFoN2CPmuYOWPXa HTTP 302
  • https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgDuJ1mLRw0Ra7Q8no24B-Lf0EAdjZJXd_PYQNAlOxoq4CICIJc8GGQ8_Duzh06_NKG590vIeWGr4CmWwA-gnOnpVz&cpn=jwFoN2CPmuYOWPXa&redirect_counter=1&rm=sn-5hnell76&req_id=70ed8f499c4d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nsz&ms=au&mt=1650283035&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMST7FTqOrli6o29SmI6UtEH_AfQy26sClx-ShYEp1diAiEA-Fh3ieDbnLgl-5ZVyeOmgnTDKcTZe06R6qXQ0A2gZDY%3D
Request Chain 361
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ndtv.com&sn=ChromeSyncframe&so=0&topUrl=www.ndtv.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Irc_GnwwekJPSTQ4NkllOGh4ZWZpS1lNbmJGOHFLcjRLN2tVS2xVR051VEt2bDFTL2tZeEllcitJV1BXYmdSSmxMT0dXVEZndk0xUnJJdFhCaUVTVk50Uy9wWkZ3alphTm11M2JTYUE4SDA4NURqUnRiTFpUVlVTZHNKOUlKc2VWNksvWnA5Vzl5Y01OUkg2S24yejczSXYxdVlNYVlmdmpheFgzZzI0cnlPSHJYTktzUXVLOUdGVFBpL1RJN1BzZWVENFc5a01EL21FWDdXRjFuczZJeGhaZG11blVENzZIb2V0bUxSUXUyeTF2Sk1BQTZaQTNnRWZ1ajRpT3VTdkNSWlh2SjhWUHBERlhJbVlReXNucDlNRTVuZz09fA&cppv=2
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee2a625d-525c-4a00-97d2-33eb680670ee&gdpr=0&gdpr_consent=
Request Chain 366
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3237071030811823122
Request Chain 367
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 369
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fa2f625d-525c-4a00-b01c-92eb7a46d052
Request Chain 370
  • https://pixel.onaudience.com/?partner=214&mapped=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=d087d92f-ab61-4541-8997-7fa4bf9836c4&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=76d4a00704022d6b/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=76d4a00704022d6b/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=76d4a00704022d6b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe1b3b0b69c&zcluid=76d4a00704022d6b&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN-YMWuBvX63N8VfsIAY0Q0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe1b3b0b69c&zcluid=76d4a00704022d6b&zdid=1332
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBNEY4NEYtQTExNy00RjYyLThCQkYtOTI0QzBBRkVBQkE0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEx7AuxDaWv3zv269xMh4B0&google_cver=1
Request Chain 374
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2869244627131613056
Request Chain 375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d087d92f-ab61-4541-8997-7fa4bf9836c4
Request Chain 376
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8609762859183615369&gdpr=0&gdpr_consent=
Request Chain 377
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RT9b_EY_W6pePFf5RjlDqUFrDaFeOQ2vQDx5NiAF
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
Request Chain 386
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl1SU2bP0H8x5hwEskKzKAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIytdGaOGG2p_qjtEevZTes&google_cver=1
Request Chain 388
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwOTc2Mjg1OTE4MzYxNTM2OQ%3D%3D
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMjD6dKSclHxwyxwtaUtSTU&google_cver=1&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA6s95VGzXysDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-i9iXVJcSgCwHJLrekbQUg&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA6s95VGzXysDA
Request Chain 399
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVFJDgA-vviITTPUPc2L-M&google_cver=1&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7kRkJE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7kRkJE&google_hm=NDQxODA0NTQzMzcxNzA5MDMwNQ%3D%3D
Request Chain 400
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMBfhVQ7t9tuwCTCSbVwzsY&google_cver=1&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxtnCUBTQbbE6p1tcwvvwhwMA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg2OTI0NDYyNzEzMTYxMzA1Ng&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxtnCUBTQbbE6p1tcwvvwhwMA
Request Chain 401
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPxz_Ff5TY3SIwswaZAXwSM&google_cver=1&google_push=AYg5qPLXtAWSXZ5tYEF7zl3Hmi_rQrg4-A6TetMTJL7WKbvS8KL-jMiE734-_PaAeLNNiofXbbcMHwsEEc07X1SzvibfpiZYYlUadg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLXtAWSXZ5tYEF7zl3Hmi_rQrg4-A6TetMTJL7WKbvS8KL-jMiE734-_PaAeLNNiofXbbcMHwsEEc07X1SzvibfpiZYYlUadg
Request Chain 402
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELCTa3wb0f9ATUg8iglgYl4&google_cver=1&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUYRrxTuTQS0CZA_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUYRrxTuTQS0CZA_w
Request Chain 403
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELa2ATUSwPgXS00vnTgV7JY&google_cver=1&google_push=AYg5qPJfbGgcI8v-wKyVbeHfrKA2aYQ2zHRJoQGlv9ogbBh1TZv-Yp9SU0GnWN83SDsVgRNuhIozntWvpLykdqpI8yKBEOzfs0QHmWo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJfbGgcI8v-wKyVbeHfrKA2aYQ2zHRJoQGlv9ogbBh1TZv-Yp9SU0GnWN83SDsVgRNuhIozntWvpLykdqpI8yKBEOzfs0QHmWo HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5

417 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
EPE1QIG4we
t.co/ 		543 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/EPE1QIG4we
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
252
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:58:08 GMT
expires
Mon, 18 Apr 2022 12:03:08 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
027fdcf6962412dc771f43718202a39b1566488b6ebf74b86a370111b5034b7c
x-response-time
119
x-xss-protection
0
Primary Request western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
www.ndtv.com/world-news/ 		249 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b67c1f9db766d16c4dce1708a903cb3e70da2479c61ffb961d4cd2fa51a5865f

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=372
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:58:09 GMT
expires
Mon, 18 Apr 2022 12:04:21 GMT
pragma
public
server
nginx
server-timing
cdn-cache; desc=HIT edge; dur=137
vary
Accept-Encoding User-Agent
x-akamai-transformed
9 69763 0 pmb=mRUM,1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6058
date
Mon, 18 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 18 Apr 2022 12:17:11 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 10:27:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Apr 2022 11:58:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Apr 2022 11:58:09 GMT
amp-widget-stories.css
cdn.ndtv.com/static/web/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ndtv.com/static/web/css/amp-widget-stories.css?ver-20220417.02
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
692381cc1d4c2d8f88a02c18519d57db15e093a15fd010fdfb99f40cd2480efe
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 15:51:51 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
strict-transport-security
max-age=2628000
content-length
1302
expires
Wed, 19 Apr 2023 11:58:09 GMT
cyberattack-afp_650x400_41494673551.jpg
i.ndtvimg.com/i/2017-05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ndtvimg.com/i/2017-05/cyberattack-afp_650x400_41494673551.jpg
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6f7bb70f5a1d736a9913474e61b5070026dbee34a7784326b9e143079dea03fd
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
x-check-cacheable
YES
x-serial
1931
etag
"ce51e6fa87dab05a094961a572b21a59:1494673552"
strict-transport-security
max-age=600
content-type
image/webp
cache-control
private, no-transform, max-age=1606351
last-modified
Sat, 15 Jan 2022 16:41:26 GMT
content-length
23776
server
Akamai Image Manager
expires
Sat, 07 May 2022 02:10:40 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
1298
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:38:34 GMT
Server
ECS (frb/67E2)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17225
x-xss-protection
0
server
cafe
etag
16958488767326041532
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 11:58:09 GMT
web.png
alerts.ndtv.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alerts.ndtv.com/images/web.png
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7:1a0::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04e835d76058e5b931b8308d423c80a750ee724f589d5278f54b436409e0ba11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
last-modified
Mon, 20 Mar 2017 08:10:06 GMT
server
AmazonS3
etag
"329695ad5b24909514ffefdbb3f8c344"
content-type
image/png
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
3763
expires
Mon, 18 Apr 2022 11:58:09 GMT
common_script.js
cdn.ndtv.com/static/js/ 		139 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ndtv.com/static/js/common_script.js?ver-20220417.02
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2a7e90a4b19d2e01f93f2fa38376ae2edb5494934a2ead9ac38fad062fd29db8
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 15:51:46 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
strict-transport-security
max-age=2628000
content-length
56750
expires
Wed, 19 Apr 2023 11:58:09 GMT
custom.js
cdn.ndtv.com/static/web/js/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ndtv.com/static/web/js/custom.js?ver-20220417.02
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cd896bec219bda00d0a0d6893a938cecb96ca2cb7a6a4158e55fd8ccd0b33d8e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 15:51:50 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
strict-transport-security
max-age=2628000
content-length
16483
expires
Wed, 19 Apr 2023 11:58:09 GMT
swiper.min.js
cdn.ndtv.com/static/web/js/ 		125 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ndtv.com/static/web/js/swiper.min.js?vvvver-20220417.02
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3c687666850217c5a5477ac42cda73888e783ba56a49e56fe1321418f713e3f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 15:51:34 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31622400
strict-transport-security
max-age=2628000
content-length
40418
expires
Wed, 19 Apr 2023 11:58:09 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158451/3766/ 		479 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2157c8a2ea78c709c1f24e54ae5531e2aba63765a985c246e88968714a848a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 10:03:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"10e1608-77a81-5cd1f727ab75b"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=68578
accept-ranges
bytes
content-type
text/javascript
content-length
127690
expires
Tue, 19 Apr 2022 07:01:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
369
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1AQ79E7B4Y17WWVH2WPT
date
Mon, 18 Apr 2022 11:52:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dPvpQzpGIA9TiHDH79nWPjQW7JkbHfbrwxZL6w0PIGs5fgG3nLB87w==
adpushup.js
cdn.adpushup.com/42260/ 		423 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42260/adpushup.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e9b8ac728e97dd471e576c6e0bcea8034b81123c9375fed98c4d61c1c6b9f3

Request headers

Referer
https://www.ndtv.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Apr 2022 14:04:30 GMT
server
cloudflare
age
337998
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
x-cf-geodata
DE
cf-ray
6fdd3a1bf9ce910c-FRA
expires
Tue, 19 Apr 2022 11:58:09 GMT
gtm.js
www.googletagmanager.com/ 		275 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2R2KQQ
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
872155e131359e0feaf043a07dd1136942ccd2f0f48864668d0770f3908bc55c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70678
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 11:58:09 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4034
date
Mon, 18 Apr 2022 10:50:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 18 Apr 2022 12:50:55 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:00:31 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
28289
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
r7dqEVWBfoAysX6Ysb4XfuCKdahfqljILnAvNNf75eEaGe5LwasSTg==
P4S98-FTZ59-DVK4T-C5SG5-AXGYM
s.go-mpulse.net/boomerang/ Frame A5F6 		187 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
last-modified
Tue, 08 Mar 2022 06:34:33 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
47928
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83746571a58d9ef5351b5d346c481a9d59bebf576c6283180dbc3afdf15d5d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
295908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 01:46:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:56:19 GMT
x-content-type-options
nosniff
age
410510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 17:56:19 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e4e0644a8cc0fcbfa80087d7b4b01ed78b002161c806a48b82cbcc0ba8990e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1702610171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=479137189&gjid=1783384615&cid=817571239.1650283089&tid=UA-2598638-50&_gid=734030611.1650283089&_r=1&_slc=1&z=502687636
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1702610171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1373674343&gjid=647348351&cid=817571239.1650283089&tid=UA-11243047-47&_gid=734030611.1650283089&_r=1&_slc=1&z=435711816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1702610171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=684317864&gjid=1864184450&cid=817571239.1650283089&tid=UA-2598638-73&_gid=734030611.1650283089&_r=1&_slc=1&z=732540339
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 13:17:51 GMT
x-content-type-options
nosniff
age
254418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Apr 2023 13:17:51 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 07:29:47 GMT
x-content-type-options
nosniff
age
275302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Apr 2023 07:29:47 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosm...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscos...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
LZ9hs9M_42iafvRzVuJDdjfZKSTnv0RvUAZ0BlqCUqf5eiHxUlCAbg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=9548033&ns__t=1650283089335&ns_c=UTF-8&cv=3.5&c8=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&c7=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&c9=https%3A%2F%2Ft.co%2F
date
Mon, 18 Apr 2022 11:58:09 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
AQ54O8Sy73fN3RJ68FVW_891yUZoDmhmjCBnYmmSEyiDI5CEEQvHMg==
x-cache
Miss from cloudfront
card-icon.svg
www.ndtv.com/static/web/images/ 		182 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ndtv.com/static/web/images/card-icon.svg
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c76e9406067155766a796b39d63d8e1d624b6433b374648c5c7c70984bb1af3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
last-modified
Mon, 13 Sep 2021 06:59:29 GMT
server
nginx
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=308835431
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
182
expires
Fri, 30 Jan 2032 23:35:20 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:02:01 GMT
x-content-type-options
nosniff
age
510968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 14:02:01 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ndtv.com&pubid=5d5467fe-bc8c-4335-993a-e0314547592e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 07:13:25 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
age
17083
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
iCgu-h4AwcroxvSRVBL5sfyq1pnXO1h_Itp9594_40NumM5MMNDYdA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&pr=https%3A%2F%2Ft.co%2F&pid=R6VSeAa1lpYtj&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22adslot728x90ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_ISP_728x90_ATF%22%7D%2C%7B%22sd%22%3A%22adslot300x250ATF%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_ISP_300x250_ATF%22%7D%2C%7B%22sd%22%3A%22adslot300x250BTF2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1068322%2Fndtv_news_ros_300x250_btf-2%22%7D%2C%7B%22sd%22%3A%22adslot300x250BTF%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1068322%2FNDTV_News_ROS_300x250_BTF%22%7D%5D&pubid=5d5467fe-bc8c-4335-993a-e0314547592e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
ZY342Z0DAYNQR0Q4M4J8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ulnnwG2VaJYOAsz0M4aTzLdcUxx8f8veGbBz353qpcaS3ENPPezOLg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
16985
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Mon, 18 Apr 2022 10:15:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
nI877et9JKBuMC5RpTvYrKK2TLNt4WllfrIAicGBEP72uOP5gBIlbg==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 17:58:32 GMT
x-content-type-options
nosniff
age
410377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 17:58:32 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a731903d6c5681c15fb95da42d7676b7b0a77a14c4553edb7b03d490e153b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28586
x-xss-protection
0
server
sffe
etag
"1190 / 32 of 1000 / last-modified: 1650280021"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Apr 2022 11:58:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/968076326/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968076326/?random=1650283089455&cv=9&fst=1650283089455&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&tiba=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6488702a0e7671b6dffbd90134df44b06412e707fd003a355c028c86dd525af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geo.json
wapi.ndtv.com/ 		151 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wapi.ndtv.com/geo.json
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1aedb2711988ec4a9ffab92ebce0eab74563bdf8029e8cbfa3bb254a54fccc21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,HEAD
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, private
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
151
expires
Mon, 18 Apr 2022 11:58:09 GMT
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame 2888 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.ndtv.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
421563
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 11:58:09 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 13 Apr 2022 12:15:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BC)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42260/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1650283089.dop136.am5.t,1650283089.cds237.am5.hn,1650283089.cds302.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 18:03:33 GMT
x-content-type-options
nosniff
age
410076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 18:03:33 GMT
optimize.js
www.google-analytics.com/gtm/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-54HD7XG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2R2KQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e51817621f726175b95fd5aea0c149fbadf33070243d35720f32b930f581422e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36585
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 11:58:09 GMT
js
www.googletagmanager.com/gtag/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3X0HPFNQW2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2R2KQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d102f5e74151c680fe8f549ea495cd4675cb12466f911fbc5cf14d5a24655b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46545
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 11:58:09 GMT
unip
trc.taboola.com/1010811/log/3/ 		0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/1010811/log/3/unip?en=page_view&gtmcb=439296445
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
via
1.1 varnish
server
nginx
x-timer
S1650283090.621956,VS0,VE8
x-served-by
cache-hhn4020-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
settings
syndication.twitter.com/ Frame 2888 		248 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=3c5d2111595bc34cea603f0c1bb79adf08bd099b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.ndtv.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
7a82d919cd3a66eb6623565d65433eb0d81a4373d43a5625409370d8ae468d29
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
113
date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
last-modified
Mon, 18 Apr 2022 11:58:09 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
e282e741ac0f105187556f0d74a10938734305f717643028ebc2fa4e2e9e078e
content-length
171
/
www.google.com/pagead/1p-user-list/968076326/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/968076326/?random=1650283089455&cv=9&fst=1650279600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&tiba=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&fmt=3&is_vtc=1&random=2488872552&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/968076326/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/968076326/?random=1650283089455&cv=9&fst=1650279600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&tiba=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&fmt=3&is_vtc=1&random=2488872552&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Apr 2023 11:47:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		518 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ndtv.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1b6690b0cf860c3a3de832c719df675a6c2afe6f9a2df0bf9d2dd9ab5133c0e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
expires
Mon, 18 Apr 2022 11:58:09 GMT
fb781063-2a3c-41c2-a162-bcdb128cda17
https://www.ndtv.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ndtv.com/fb781063-2a3c-41c2-a162-bcdb128cda17
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
3743
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97665797-1&cid=817571239.1650283089&jid=1513878956&gjid=1309542113&_gid=1681793841.1650283090&_u=aGjAgEABQAAAAG~&z=699194491
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Apr 2022 11:58:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1702610171&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&dp=%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ul=en-us&de=UTF-8&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAgEABQAAAAC~&jid=1513878956&gjid=1309542113&cid=817571239.1650283089&tid=UA-97665797-1&_gid=1681793841.1650283090&gtm=2wg4d0N2R2KQQ&cd9=Edited%20by%20Bhavya%20Sukheja&cd10=world-news&cd11=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&cd12=2022&cd13=04&cd14=13-04-2022&cd15=6076&cd16=english&cd17=blank&cd18=Russia%7CAnonymous%7CCyberattack%7CPutin%7CRoscosmos&cd19=5%20days&cd20=https%3A%2F%2Ft.co%2F&cd21=blank&cd22=story&cd23=www.ndtv.com&cd24=blank&cd25=blank&cd26=blank&cd27=blank&cd28=blank&cd29=blank&cd30=blank&cd31=blank&cd32=blank&cd33=desktop&cd34=blank&cd35=13&cd54=6&cd55=GTM-N2R2KQQ%20-%20314&cd60=2885472&cd64=light&cd71=NA&cd72=GTM&cd73=article&cd74=&cd75=NDTV&cd78=Amit%20Chaturvedi&cd36=817571239.1650283089&z=459054902
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 15:29:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73728
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/ Frame A5F6 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=P4S98-FTZ59-DVK4T-C5SG5-AXGYM&d=www.ndtv.com&t=5500944&v=1.571.0&if=&sl=0&si=yt1yljkjm5-NaN&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:f7:181::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af7bbebc68e889dad715e26e73992eccc67626855ee99dab3309771c2ba66651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1093
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3X0HPFNQW2&gtm=2oe4d0&_p=1702610171&_z=ccd.BJB&cid=817571239.1650283089&ul=en-us&sr=1600x1200&_s=1&sid=1650283089&sct=1&seg=0&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3X0HPFNQW2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97665797-1&cid=817571239.1650283089&jid=1513878956&_u=aGjAgEABQAAAAG~&z=1764380700
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97665797-1&cid=817571239.1650283089&jid=1513878956&_u=aGjAgEABQAAAAG~&z=1764380700
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
2476
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:14:39 GMT
Server
ECS (frb/668B)
Etag
"550f8d645a77f0ab50d361c5088aa0cf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42260/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
cloudflare
age
4240474
etag
W/"60d94cdb-1c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fdd3a1f4f946903-FRA
expires
Tue, 18 Apr 2023 11:58:09 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?pxRes=false&event=PPID_ANALYTICS_C1&data=eyJ1c2VySWQiOm51bGwsInNlc3Npb25JZCI6bnVsbCwicHBpZEFwcGxpY2FibGUiOiJNaXNzaW5nIiwic2l0ZUlkIjo0MjI2MH0%3D
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 18 Apr 2022 11:58:09 GMT
Server
nginx/1.14.0 (Ubuntu)
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTAyODMwODk4MjUsInBhY2tldElkIjoiMDAwMEE1MTQtN2VlODVhNWUtMGNlMS00Mzc3LTg0YTEtNTM2NGVhMTk3ZDJlIiwic2l0ZUlkIjo0MjI2MCwic2l0ZURvbWFpbiI6Imh0dHA6Ly9uZHR2LmNvbS8iLCJ1cmwiOiJodHRwczovL3d3dy5uZHR2LmNvbS93b3JsZC1uZXdzL3dlc3Rlcm4taGFja2Vycy11c2VkLXJ1c3NpYXMtb3duLXJhbnNvbXdhcmUtYWdhaW5zdC1pdC1pbi1jeWJlcmF0dGFjay1vbi1yb3Njb3Ntb3MtcmVwb3J0LTI4ODU0NzIiLCJtb2RlIjoyLCJlcnJvckNvZGUiOjcsInJlZmVycmVyIjoiaHR0cHM6Ly90LmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
Tweet.html
platform.twitter.com/embed/ Frame A737 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
75427f4e724fd6b764c90cd4cf8e227ceeea7c17e525085451b7a0fa364f3f96

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
710
Cache-Control
public, max-age=1800
Content-Length
487
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 11:58:09 GMT
Etag
"944c1fa706573605c4a3899a0958fe77"
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6739)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Tweet.html
platform.twitter.com/embed/ Frame 78E4 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
75427f4e724fd6b764c90cd4cf8e227ceeea7c17e525085451b7a0fa364f3f96

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
865
Cache-Control
public, max-age=1800
Content-Length
487
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 11:58:09 GMT
Etag
"944c1fa706573605c4a3899a0958fe77"
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 25 Apr 2022 11:58:09 GMT
cygnus
htlb.casalemedia.com/ 		36 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=695976&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22148d61f8d79b23%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22221bbf7ae35c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22695976%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223abadfd8580423%22%2C%22ext%22%3A%7B%22siteID%22%3A%22695976%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224d66eb2b8f1fb6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22695976%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225dddb014030e15%22%2C%22ext%22%3A%7B%22siteID%22%3A%22695975%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226356f9e7db450d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22695975%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
04ff2a6b06f36828fc6c2d11e21ab67642b7050175aee2843e18d7e57f06f63f

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:10 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 18 Apr 2022 11:58:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 18 Apr 2022 11:58:09 GMT
arj
ndtv-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ndtv-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bbd39096-ff47-4399-b24d-cbf788f39bae%2C12e52bbe-68c0-43c9-8184-3e19f635e737%2C70a35c76-4e07-4f1e-937b-075d9f395c90%2C566f377f-b81a-4737-b890-ae19cd1c8a97%2Cedc4635b-2ce8-4a04-aa92-73709761ec59&nocache=1650283089913&pubcid=3c50ec84-8acd-49b4-bad3-d626040d9983&aus=970x90%2C728x90%2C970x250%7C300x250%2C300x600%7C300x250%7C300x100%7C300x250%2C300x600&divIds=adslot728x90ATF%2Cadslot300x250ATF%2Cadslot300x250BTF%2Cadslot300x100ATF%2Cadslot300x250BTF2&auid=543854579%2C543854585%2C543854598%2C545636951%2C543854582
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
2882ab610284e948dbb350e842bf7ce81a5d4e0f9e8c791d3a1d776b5f00b10e

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ndtv.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		687 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11990&site_id=369282&zone_id=2014274%3B2014100%3B2014128%3B2014054&size_id=2%3B15%3B15%3B19&alt_size_ids=55%2C57%3B10%3B%3B&eid_pubcid.org=3c50ec84-8acd-49b4-bad3-d626040d9983%5E1&rf=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&tg_i.pbadslot=1068322%2FNDTV_ISP_728x90_ATF%3B1068322%2FNDTV_ISP_300x250_ATF%3B1068322%2FNDTV_News_ROS_300x250_BTF%3B1068322%2FNDTV_ISP_300x100_ATF&tg_i.dfp_ad_unit_code=1068322%2FNDTV_ISP_728x90_ATF%3B1068322%2FNDTV_ISP_300x250_ATF%3B1068322%2FNDTV_News_ROS_300x250_BTF%3B1068322%2FNDTV_ISP_300x100_ATF&tk_flint=pbjs_lite_v4.25.0&x_source.tid=bbd39096-ff47-4399-b24d-cbf788f39bae%3B12e52bbe-68c0-43c9-8184-3e19f635e737%3B70a35c76-4e07-4f1e-937b-075d9f395c90%3B566f377f-b81a-4737-b890-ae19cd1c8a97&p_screen_res=1600x1200&rp_secure=1&slots=4&rand=0.8443484225680336
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8eb3284f8f32bbe3237c3015b9a768af996ff8d3c3992750610ea96ff356f5f7

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
687
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:09 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
eaf4c814-d54e-46f9-8cbf-8b2a1bb5d7fb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
embed.runtime.381dacb071831ab3a70d.js
platform.twitter.com/embed/ Frame A737 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
446162f5a3076516226574dd1e78e637aa8735c3cd30156d82d7b2653741aa4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=7
Content-Length
4255
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6727)
Etag
"80bf4732e6f6704d24a0ac52a72ba075+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.95b5a9737b8cee3b4663.js
platform.twitter.com/embed/ Frame A737 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.95b5a9737b8cee3b4663.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
25337532fdfe471ab004131890a0d63054cce7a9ef0fc377a96ebc0e166321e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
171188
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668A)
Etag
"85774c6f53d0c7929b642b84d6b206f1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.cfc8ac541ff35cf1e560.js
platform.twitter.com/embed/ Frame A737 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.cfc8ac541ff35cf1e560.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
d4e210d814b8935d67fae43dbf2379a8e3661b4cb0dc56043e82835ee315899e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
789
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6738)
Etag
"1cc84f1ac28f22958b126e7dc114927e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.25f267844eec352e7e65.js
platform.twitter.com/embed/ Frame A737 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.25f267844eec352e7e65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
6d9043e145618922aa085ace9bff0833c54b5438ee872da3e4e8b79d91108aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5543
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668C)
Etag
"c55e69e1e7fa0d32b1882e86a386e192+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.runtime.381dacb071831ab3a70d.js
platform.twitter.com/embed/ Frame 78E4 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
446162f5a3076516226574dd1e78e637aa8735c3cd30156d82d7b2653741aa4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4255
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6727)
Etag
"80bf4732e6f6704d24a0ac52a72ba075+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.95b5a9737b8cee3b4663.js
platform.twitter.com/embed/ Frame 78E4 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.95b5a9737b8cee3b4663.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
25337532fdfe471ab004131890a0d63054cce7a9ef0fc377a96ebc0e166321e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
171188
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668A)
Etag
"85774c6f53d0c7929b642b84d6b206f1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.cfc8ac541ff35cf1e560.js
platform.twitter.com/embed/ Frame 78E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.cfc8ac541ff35cf1e560.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
d4e210d814b8935d67fae43dbf2379a8e3661b4cb0dc56043e82835ee315899e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
789
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6738)
Etag
"1cc84f1ac28f22958b126e7dc114927e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.25f267844eec352e7e65.js
platform.twitter.com/embed/ Frame 78E4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.25f267844eec352e7e65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
6d9043e145618922aa085ace9bff0833c54b5438ee872da3e4e8b79d91108aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:09 GMT
Content-Encoding
gzip
Age
421563
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5543
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668C)
Etag
"c55e69e1e7fa0d32b1882e86a386e192+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2118:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:02:44 GMT
via
1.1 9632c1f8a2346421f2880c0f89366962.cloudfront.net (CloudFront)
server
AmazonS3
age
3326
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
HEL50-C1
content-length
2
x-amz-cf-id
bXvZ85lSAFDz33h0I6DTCFF4cjkAxhbdO8e2X7fyMyKnpgfhBqpF6g==
embed.vendors~ondemand.en-js.1908eae2da2261b683ed.js
platform.twitter.com/embed/ Frame A737 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.1908eae2da2261b683ed.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
322f376069dfd94b9b6cb9bebfe915ba60cd31567b6b4c610f79f27be6eaaa9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12781
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6794)
Etag
"9f7fceec525e26deebb7f9c67bb5c350+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.f93e9434f6e527a1b05f.js
platform.twitter.com/embed/ Frame A737 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.f93e9434f6e527a1b05f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
b7e85da66bcb7ef7efafc1db0af8aa33ac72a525356221f8fe4a3ed2ec34f235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1282
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668C)
Etag
"9c6cb65fe116148bebbdaa43c18c0784+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5c6da515a8aaa84edc9b.js
platform.twitter.com/embed/ Frame A737 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5c6da515a8aaa84edc9b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
83969a1a3a3811a364150fb119ea75fdffd63e730583462c90f01ca340aeb639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1282
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6776)
Etag
"6b631f9950466c8b605f19506566435e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.en-js.1908eae2da2261b683ed.js
platform.twitter.com/embed/ Frame 78E4 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.1908eae2da2261b683ed.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
322f376069dfd94b9b6cb9bebfe915ba60cd31567b6b4c610f79f27be6eaaa9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12781
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6794)
Etag
"9f7fceec525e26deebb7f9c67bb5c350+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.f93e9434f6e527a1b05f.js
platform.twitter.com/embed/ Frame 78E4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.f93e9434f6e527a1b05f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
b7e85da66bcb7ef7efafc1db0af8aa33ac72a525356221f8fe4a3ed2ec34f235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1282
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/668C)
Etag
"9c6cb65fe116148bebbdaa43c18c0784+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5c6da515a8aaa84edc9b.js
platform.twitter.com/embed/ Frame 78E4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5c6da515a8aaa84edc9b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
83969a1a3a3811a364150fb119ea75fdffd63e730583462c90f01ca340aeb639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1282
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6776)
Etag
"6b631f9950466c8b605f19506566435e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
pixel;r=1839171538;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472;ref=https%3...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1839171538;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472;ref=https%3A%2F%2Ft.co%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1987710438-1650283090083;pbc=3c50ec84-8acd-49b4-bad3-d626040d9983;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=ndtv.com;je=0;sr=1600x1200x24;dst=0;et=1650283090083;tzo=0;ogl=title.Western%20Hackers%20Used%20Russia's%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscos%2Ctype.article%2Cimage.https%3A%2F%2Fi%252Endtvimg%252Ecom%2Fi%2F2017-05%2Fcyberattack-afp_650x400_41494673551%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fi%252Endtvimg%252Ecom%2Fi%2F2017-05%2Fcyberattack-afp_650x400_41494673551%252Ejpg%2Cimage%3Awidth.630%2Cimage%3Aheight.473%2Curl.https%3A%2F%2Fwww%252Endtv%252Ecom%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-agai%2Csite_name.NDTV%252Ecom%2Cdescription.A%20month%20after%20a%20cyberattack%20on%20Russia's%20space%20agency%20Roscosmos%252C%20it%20has%20been%20reve
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
platform.twitter.com/embed/ Frame A737 		447 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
46c63b7687dff2a81b35907e2cc2fa1a3318876dd6088a26b6226c2217ccb482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
125689
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/67A8)
Etag
"91fa547b764db984c386b5c6f5449aba+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.c3536e3d43639a5d6432.js
platform.twitter.com/embed/ Frame A737 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.c3536e3d43639a5d6432.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
0aedb0c8a9626fa18c33e6aa09e079bade4ace2c74cacdcdd082c0fdf5a8f91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498792639877074945&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
17025
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/669E)
Etag
"eb08861a2456c88b66b5c36ed880d5e1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
platform.twitter.com/embed/ Frame 78E4 		447 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
46c63b7687dff2a81b35907e2cc2fa1a3318876dd6088a26b6226c2217ccb482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
125689
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/67A8)
Etag
"91fa547b764db984c386b5c6f5449aba+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.c3536e3d43639a5d6432.js
platform.twitter.com/embed/ Frame 78E4 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.c3536e3d43639a5d6432.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
0aedb0c8a9626fa18c33e6aa09e079bade4ace2c74cacdcdd082c0fdf5a8f91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Age
421564
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
17025
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/669E)
Etag
"eb08861a2456c88b66b5c36ed880d5e1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
tweet
cdn.syndication.twimg.com/ Frame A737 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_space_card%3Aoff%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial&id=1498792639877074945&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.95b5a9737b8cee3b4663.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
adb28581b5d6ce42a23ab68838d95ec82b5191f7200615ca26e4f6738dc365a8
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"ad5-rcwgT+oL8YOzovWtBo4lmqest/w"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=187
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
169
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 18 Apr 2022 11:58:10 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ", VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
cc6265dc84b8175b9cb05d69c3c93fa4d0de7fca56c74afc4d4dcd8d9f5a0fc8
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
tweet
cdn.syndication.twimg.com/ Frame 78E4 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_space_card%3Aoff%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial&id=1498903566135832577&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.95b5a9737b8cee3b4663.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
116c0b5c8ade4ffcd501da8e384e51dff997e2d51c39bbb32271e5bf3d5a56cf
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"f5e-Bl3IutRC92GLI/XUgbKf4YFvJus"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=190
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
176
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 18 Apr 2022 11:58:10 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
bc55b67b3e49aacf82786000ce46355780a1bbe03f85293bebb79ce2a933f093
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1702610171&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Western%20Hackers%20Used%20Russia%27s%20Own%20Ransomware%20Against%20It%20In%20Cyberattack%20on%20Roscosmos%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblocker_desktop&ea=ad_blocked&el=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&_u=aGjAgEABQAAAAG~&jid=&gjid=&cid=817571239.1650283089&tid=UA-97665797-1&_gid=1681793841.1650283090&gtm=2wg4d0N2R2KQQ&cd37=enabled&cd55=GTM-N2R2KQQ%20-%20314&cd72=GTM&cd36=817571239.1650283089&z=259396454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 15:29:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73729
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1f1fa-1f1e6.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A737 		233 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f1fa-1f1e6.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
189
etag
"rEvLSWyjSaIbBeQAvYrF3A=="
x-served-by
cache-fty13721-FTY, cache-hhn4026-HHN
last-modified
Wed, 21 Feb 2018 22:30:48 GMT
date
Mon, 18 Apr 2022 11:58:10 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 04 Nov 2022 07:15:06 GMT
jot
syndication.twitter.com/i/ Frame A737 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650283090420%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22ndtv%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225891fe8c05f08%3A1649794893398%22%2C%22item_ids%22%3A%5B%221498792639877074945%22%5D%2C%22item_details%22%3A%7B%221498792639877074945%22%3A%7B%22item_type%22%3A0%7D%7D%7D&session_id=3c5d2111595bc34cea603f0c1bb79adf08bd099b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Mon, 18 Apr 2022 11:58:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e282e741ac0f105187556f0d74a10938734305f717643028ebc2fa4e2e9e078e
x-transaction
9b83b9a8739a2b07
expires
Tue, 31 Mar 1981 05:00:00 GMT
embed.loader.UserAvatar.1d15c2a3d4516925a738.js
platform.twitter.com/embed/ Frame 78E4 		156 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.loader.UserAvatar.1d15c2a3d4516925a738.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.381dacb071831ab3a70d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
c0dfe30ae00c4c503b193a29f98a99dcd87c69319e20d8f03eb140acd6c17df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd19zZW5zaXRpdmVfbWVkaWFfaW50ZXJzdGl0aWFsXzEzOTYzIjp7ImJ1Y2tldCI6ImludGVyc3RpdGlhbCIsInZlcnNpb24iOjR9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1498903566135832577&lang=en&origin=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&sessionId=3c5d2111595bc34cea603f0c1bb79adf08bd099b&siteScreenName=ndtv&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Wed, 13 Apr 2022 14:44:18 GMT
Server
ECS (frb/6772)
Age
421564
Etag
"34d152d4d33e1d48f38d60bb855112c3"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
156
1f1fa-1f1e6.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 78E4 		233 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f1fa-1f1e6.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.95b5a9737b8cee3b4663.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
189
etag
"rEvLSWyjSaIbBeQAvYrF3A=="
x-served-by
cache-fty13721-FTY, cache-hhn4026-HHN
last-modified
Wed, 21 Feb 2018 22:30:48 GMT
date
Mon, 18 Apr 2022 11:58:10 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 04 Nov 2022 07:15:06 GMT
jot
syndication.twitter.com/i/ Frame 78E4 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650283090460%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22ndtv%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225891fe8c05f08%3A1649794893398%22%2C%22item_ids%22%3A%5B%221498903566135832577%22%5D%2C%22item_details%22%3A%7B%221498903566135832577%22%3A%7B%22item_type%22%3A0%7D%7D%7D&session_id=3c5d2111595bc34cea603f0c1bb79adf08bd099b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Mon, 18 Apr 2022 11:58:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e282e741ac0f105187556f0d74a10938734305f717643028ebc2fa4e2e9e078e
x-transaction
325867d8f12e84ac
expires
Tue, 31 Mar 1981 05:00:00 GMT
mWq1iE5L
pbs.twimg.com/semantic_core_img/1290392753013002240/ Frame 78E4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/semantic_core_img/1290392753013002240/mWq1iE5L?format=png&name=orig
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
c7caa90ed1a5ceb5f3dcdb5efd94c891c4d9c507777997a50b7b361ea9e4fffb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
470756
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
3671
x-response-time
117
surrogate-key
semantic_core_img semantic_core_img/bucket/3 semantic_core_img/1290392753013002240
last-modified
Mon, 03 Aug 2020 21:01:01 GMT
server
ECS (frb/67BD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
326d205e995cf07e0c2fb70183095f3a2f25a10a14a29f4900dbd2f3c7ca0204
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
oAlQDd-M_normal.jpg
pbs.twimg.com/profile_images/1497716002364301320/ Frame A737 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1497716002364301320/oAlQDd-M_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
0fe5581c98d1923ae1c3560ef1010cc5db5451125ebf142726413f7a87f31db0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
131134
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
2491
x-response-time
120
surrogate-key
profile_images profile_images/bucket/7 profile_images/1497716002364301320
last-modified
Sat, 26 Feb 2022 23:29:35 GMT
server
ECS (frb/6724)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ff116711301dd00ccbd893e92df77dddf8e252a66adc0fcf62e419a91e0ac57a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH8-mXsAEm3dL
pbs.twimg.com/media/ Frame A737 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH8-mXsAEm3dL?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
a55664368695a544c342887f97b8e8e5b2812b2e782cc1006fbf4eb95d4f8c8f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
478516
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
27522
x-response-time
113
surrogate-key
media media/bucket/8 media/1498792626417545217
last-modified
Tue, 01 Mar 2022 22:47:43 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8d1e6d449c4961eae65f1fa4076a76aeeb121f1f0ce2b8cfb3f7a2ebf9f261bf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9d4X0Agmjks
pbs.twimg.com/media/ Frame A737 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9d4X0Agmjks?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
f272a97abda53628d3a8d8a4cfcc3c6ba9312512643bccce3fb2a3bc9276d14b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
478516
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
26159
x-response-time
120
surrogate-key
media media/bucket/8 media/1498792634814550024
last-modified
Tue, 01 Mar 2022 22:47:45 GMT
server
ECS (frb/668D)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
48da0ae5af6f40cc076fe66c703a8b10b7894edd1a7a86a2bc442cf08ac1e81e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9NzXMAYiJBu
pbs.twimg.com/media/ Frame A737 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9NzXMAYiJBu?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
0e38eebd42f41bf6350599b6de84a0a2197dda812e897beadbdf83c68f86a6d8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
317915
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
38172
x-response-time
116
surrogate-key
media media/bucket/6 media/1498792630498570246
last-modified
Tue, 01 Mar 2022 22:47:43 GMT
server
ECS (frb/6776)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3729b4ee358084e63b113539be14a492c81e4aa44fb649d3959c28dace5e03c9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Ehv07Zn7_normal.jpg
pbs.twimg.com/profile_images/1507866972821807108/ Frame 78E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1507866972821807108/Ehv07Zn7_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
051507d470eac61f4669c700ad51820ac92ca9916b62b6e9fe7f8be1e05bf57a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
130193
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1655
x-response-time
109
surrogate-key
profile_images profile_images/bucket/0 profile_images/1507866972821807108
last-modified
Sat, 26 Mar 2022 23:45:55 GMT
server
ECS (frb/668A)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
fa54bb6f2c88647d2d739a7fdc57d661f5c32d9bd6b529ec6f223e8d9f099c03
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH8-mXsAEm3dL
pbs.twimg.com/media/ Frame 78E4 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH8-mXsAEm3dL?format=png&name=360x360
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
a55664368695a544c342887f97b8e8e5b2812b2e782cc1006fbf4eb95d4f8c8f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
478516
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
27522
x-response-time
113
surrogate-key
media media/bucket/8 media/1498792626417545217
last-modified
Tue, 01 Mar 2022 22:47:43 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8d1e6d449c4961eae65f1fa4076a76aeeb121f1f0ce2b8cfb3f7a2ebf9f261bf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9d4X0Agmjks
pbs.twimg.com/media/ Frame 78E4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9d4X0Agmjks?format=png&name=360x360
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.22fe5c808a44adedfec0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
f272a97abda53628d3a8d8a4cfcc3c6ba9312512643bccce3fb2a3bc9276d14b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
478516
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
26159
x-response-time
120
surrogate-key
media media/bucket/8 media/1498792634814550024
last-modified
Tue, 01 Mar 2022 22:47:45 GMT
server
ECS (frb/668D)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
48da0ae5af6f40cc076fe66c703a8b10b7894edd1a7a86a2bc442cf08ac1e81e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9NzXMAYiJBu
pbs.twimg.com/media/ Frame 78E4 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9NzXMAYiJBu?format=png&name=240x240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
4dd1daa068762cf437fb11165e7813addb5d2f5d79c8755a5e2de471dff62e63
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
262285
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
20338
x-response-time
119
surrogate-key
media media/bucket/6 media/1498792630498570246
last-modified
Tue, 01 Mar 2022 22:47:43 GMT
server
ECS (frb/6776)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4ff02f16af73fa7d5319c5a163de4cfe5f114e9843d8a0781d128eee7b2f95d0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9ofXMAACJBe
pbs.twimg.com/media/ Frame 78E4 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9ofXMAACJBe?format=png&name=240x240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
6818abaeab1a91ae452cf39e1c9ee0962ed57319f1c5c1fadb0b95ef6929b9b4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
253570
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
14093
x-response-time
122
surrogate-key
media media/bucket/6 media/1498792637662441472
last-modified
Tue, 01 Mar 2022 22:47:45 GMT
server
ECS (frb/67A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
85af9d2e87e06194d8ea2428dd8f29a1f8e008db5712f31d0ad86dcacc3f0a96
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FMzH9ofXMAACJBe
pbs.twimg.com/media/ Frame A737 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FMzH9ofXMAACJBe?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
8fec7b3114dfb16c91e7f519f46fb35cacfa70957e30200cf86795388e928ebc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
317915
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
24526
x-response-time
114
surrogate-key
media media/bucket/6 media/1498792637662441472
last-modified
Tue, 01 Mar 2022 22:47:45 GMT
server
ECS (frb/67A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
6c9a9b9a8fcd1c0e79463857c0c879cc946831cef2d1381c93fdd696791046d6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
oAlQDd-M_mini.jpg
pbs.twimg.com/profile_images/1497716002364301320/ Frame 78E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1497716002364301320/oAlQDd-M_mini.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
2c58f47c6ac971d12240bc24f7ffb05a35d4dc1ecf9a65027cda880c5a68da8f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
130934
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1598
x-response-time
113
surrogate-key
profile_images profile_images/bucket/7 profile_images/1497716002364301320
last-modified
Sat, 26 Feb 2022 23:29:35 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
76b6377806cf7f75269ee35765af0698b45a29fc4f475d4467c79828296b6182
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
oAlQDd-M_mini.jpg
pbs.twimg.com/profile_images/1497716002364301320/ Frame 78E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1497716002364301320/oAlQDd-M_mini.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
2c58f47c6ac971d12240bc24f7ffb05a35d4dc1ecf9a65027cda880c5a68da8f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
x-content-type-options
nosniff
age
130934
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1598
x-response-time
113
surrogate-key
profile_images profile_images/bucket/7 profile_images/1497716002364301320
last-modified
Sat, 26 Feb 2022 23:29:35 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
76b6377806cf7f75269ee35765af0698b45a29fc4f475d4467c79828296b6182
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame A737 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650283090697%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22ndtv%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225891fe8c05f08%3A1649794893398%22%2C%22item_ids%22%3A%5B%221498792639877074945%22%5D%2C%22item_details%22%3A%7B%221498792639877074945%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A811%7D&session_id=3c5d2111595bc34cea603f0c1bb79adf08bd099b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Mon, 18 Apr 2022 11:58:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e282e741ac0f105187556f0d74a10938734305f717643028ebc2fa4e2e9e078e
x-transaction
03f4dd2f5fb80d30
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame 78E4 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650283090698%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22ndtv%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225891fe8c05f08%3A1649794893398%22%2C%22item_ids%22%3A%5B%221498903566135832577%22%5D%2C%22item_details%22%3A%7B%221498903566135832577%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A810.5999984741211%7D&session_id=3c5d2111595bc34cea603f0c1bb79adf08bd099b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
119
pragma
no-cache
last-modified
Mon, 18 Apr 2022 11:58:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e282e741ac0f105187556f0d74a10938734305f717643028ebc2fa4e2e9e078e
x-transaction
be59ce7cea7e4df6
expires
Tue, 31 Mar 1981 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 46BE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 11:58:10 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8A90 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
23785
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 11:58:10 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
159827, 424064
X-Served-By
cache-lga21972-LGA, cache-hhn4022-HHN
X-Timer
S1650283091.936710,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 4D3B 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 18 Apr 2022 11:58:10 GMT
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 0DFF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 11:58:10 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		427 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2CNDTV_News_ROS_300x250_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=1&adks=1311396189&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090900&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=1130&adys=354&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x270&msz=300x-1&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
76a480131a1a42e1dc39e356130ad8d09868347683d44131e57c4c917bfd2acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b29c754ca22f2526e855b27bd5b224c0055cef83f993cb583e291272164735d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10763
x-xss-protection
0
container.html
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7FA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:11 GMT
expires
Tue, 18 Apr 2023 11:58:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2Cndtv_news_ros_300x250_btf-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&ifi=2&adks=1257558678&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090909&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=1130&adys=897&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5deb3d37787b5639afc3d09de4cdc4d07d52de66d0686d782e24c9fe512fbedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10852
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2CNDTV_ISP_300x250_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&ifi=3&adks=3234166115&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090915&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=1130&adys=143&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5bac60bb9c0e400c17ef9900211179149c12fe2a2b2a1dc17d0f4a252f3d7bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10835
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2CNDTV_ISP_300x100_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x100&fluid=height&ifi=4&adks=2779928707&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090919&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=1130&adys=179&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x100&msz=300x-1&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e079f724a009094d86c612ec6c1a7e36ca8e822b0c420415aa09cccd7a5c60bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12454
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2CNDTV_News_ROS_Native_Outstream&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1&fluid=height&ifi=5&adks=1771325620&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090924&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=420&adys=2365&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=650x3209&msz=650x20&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
646b61b7f8fb0a6f4d51bb6c94d0fc88606bcf604e205c06cb1241a170a4bd9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8660
x-xss-protection
0
google-lineitem-id
5797731598
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365076794
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2137332446520091&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=1068322%2CNDTV_ISP_728x90_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90%7C970x250&fluid=height&ifi=6&adks=2600329411&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=subsection%3Dworld-news%26storyid%3D2885472%26context%3DRussia%252CCyberattack%252CRoscosmos%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650283090928&lmt=1650283090&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=315&adys=99&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
52906281295c0e3f6a1f36af383323f1e48c37186e00d895f4be372ed25fa1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 46BE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2fc129edf90bfd24d24041d2b2441c833d93370fed52981b7bc0a21b90137afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40418
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Mon, 18 Apr 2022 23:11:48 GMT
bounce
ib.adnxs.com/ Frame 8A90
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:10 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c21ce74-2010-426e-95a9-030a487bc058
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:10 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
32705c49-7ebf-4e54-bfff-197f00e39d9c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 46BE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
usermatch
ssum-sec.casalemedia.com/ Frame 6A03
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9b7c6681187d284901202f1fc0bb1d366a2ebcafb64789a327a5e7b8b5781df1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1606
Content-Type
text/html
Date
Mon, 18 Apr 2022 11:58:11 GMT
Dropped-Udsids
241|230|45|39|218|73|51|109
Expires
Mon, 18 Apr 2022 11:58:11 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 18 Apr 2022 11:58:11 GMT
Expires
Mon, 18 Apr 2022 11:58:11 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 11:58:11 GMT
dcm
s.amazon-adsystem.com/ Frame 6A03
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
39RKGZMCYD3AJ2JC6896
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:11 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8136Y61H8YWEFNXK343Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6A03 		170 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6A03
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1SU2bP0H8x5hwEskKzKAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAadR-LpCPO7jJ14yG7Udqk&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAadR-LpCPO7jJ14yG7Udqk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 11:58:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAadR-LpCPO7jJ14yG7Udqk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6A03 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=23728&dpuuid=Yl1SU2bP0H8x5hwEskKzKAAA%261162
dpm.demdex.net/ Frame 6A03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yl1SU2bP0H8x5hwEskKzKAAA%261162?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.75.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-75-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6A03 		43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yl1SU2bP0H8x5hwEskKzKAAABIoAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 6A03 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.4.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-4-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6A03
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a8f9be90d8ac495d8dc6ccb57a7dd058&expiration=1652875091
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a8f9be90d8ac495d8dc6ccb57a7dd058&expiration=1652875091
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 11:58:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=a8f9be90d8ac495d8dc6ccb57a7dd058&expiration=1652875091
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6A03 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl1SU2bP0H8x5hwEskKzKAAA%261162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ndtv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:11 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1025
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 12:15:16 GMT
/
02179916.akstat.io/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://02179916.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/P4S98-FTZ59-DVK4T-C5SG5-AXGYM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
content-type
image/gif
access-control-allow-origin
https://www.ndtv.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Mon, 18 Apr 2022 11:58:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 237E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:55:24 GMT
expires
Tue, 18 Apr 2023 11:55:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2CDF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9047596d712bb4087059b7c48abfd97230292bdb7b2b1e903bf4687b279dafb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6WNSKqduszFhTkZED7Vqng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6WNSKqduszFhTkZED7Vqng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:11 GMT
expires
Mon, 18 Apr 2022 11:58:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 237E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 21:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 21:02:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2CDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=2153790268243313&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 3DD1 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DD1 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DD1 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DD1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DD1 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
truncated
/ Frame 3DD1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2adbc1284ca9d9112ba040558cdf529cceaa530271e38f253fc9e7bdf51c4242

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
1577218478367274018
tpc.googlesyndication.com/simgad/ Frame 3DD1 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1577218478367274018
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bb64056828a6bd12602213ec0378cb20e0f6a3d811a308d23c948a09f0ebbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 20:53:53 GMT
x-content-type-options
nosniff
age
227058
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88486
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 15:53:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 20:53:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DD1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
61103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 Apr 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DD1 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
22477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame 3DD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3r96PR_Uwwdc_bkVX4iObpnewgePQaUhZ5Vs20tB4fARTtlEdKE8O0QG-fwJIp55yItLb
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3DD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzBvhUlJdYoiPPM2U3gPy06DwBZWV48VpjL3Q-7MPwI23ARABIMzT5x5gleKQgqAHoAG_rM_8A8gBA6kCJ6MAqbAasj7gAgCoAwHIAwiqBJgDT9CF7fu732oAEupKXiXzrJNeoia4XNDgIDcZdQSvgg2W3RPq48YyDXj-vxadXXRLta9Bnx_0nSylu8ecW8rnjSrgxXU55AtyA2DLVWsOGickvkD0XGJ7BgPojos1l0mUA_QJfl5vldr26djyOdfHi4WdPOj9mDM35U8XQfUSeyke7GbEAe3iuepHCAYjEdmr5_uA_j-7ZM1j52vQOYpRZuFPWqPQdoWdahs5ji4g_g4RW7SM9wx8joOTeWqh0C1BRHmuaAb78gBYvvZcOti0BNdd6Ct6zoySyvpSJpK9lEMXtSyi8g8EeAFb38Dc9VmUYy4sq6SO0veN0pFg738pXVK3gpT7skThkRAjxDwDvm7hTQcw8nwyvAm6S1TB7IyAr03d6abiCLFO_wV9EM-x5Raln3gxyJuPAOiBRD0Ue_ywGcDLrRoXYBYAuNkDg7-gCKCGq2YcSbN6Tyudjhk3q23q1ym3QjPVyrAjS_tkU-EXjXQIixGGkkW0J9EbjUHcTrFM1N4DfjjbY6kxWH9gQHWR2cELc_96wATZ0YnL7gPgBAGSBQQIBBgBkgUECAUYBKAGA4AHqdOwA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJTWB9IICQiA4YBwEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04NjA5NTAxNTQzOTE5NzI4GPLUCQ&sigh=T-_gmHoL8Qk&uach_m=[UACH]
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
715.json
id5-sync.com/g/v2/ 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/715.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
6ea1756133bd72e56787ced47da01647a8d99942d2fbd29328d786c04b230c62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.ndtv.com
Date
Mon, 18 Apr 2022 11:58:11 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.222.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-222-239.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
aca55acb597ee86d843ec6c503454b7cf766160d85c6d978c1ddf0dca0386ea7

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache
x-server
10.45.13.144
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8ea98b70ab98b45de62cd4bd45e9c35e459280645af4478afc79ef0e42f37360

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 18 May 2022 11:58:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 237E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PiOwNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame AD47 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AD47 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AD47 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AD47 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AD47 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
1577218478367274018
tpc.googlesyndication.com/simgad/ Frame AD47 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1577218478367274018
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bb64056828a6bd12602213ec0378cb20e0f6a3d811a308d23c948a09f0ebbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 20:53:53 GMT
x-content-type-options
nosniff
age
227058
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88486
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 15:53:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 20:53:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AD47 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
61103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 Apr 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AD47 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
22477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:43:34 GMT
truncated
/ Frame AD47 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3e8d22641c2782685ea3519c108c9db13cd4b669b88135ed800b8c1c779146a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame AD47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7kI8blLU8kI6IoVq7tPRnANtIMEgvAr1B5QUH8oGI7ArDeF-suEiVAuzkc_ZLZ7W6AAAh
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame AD47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cb0lCU1JdYtOeFoP23gPegLqADpWV48VpjL3Q-7MPwI23ARABIMzT5x5gleKQgqAHoAG_rM_8A8gBA6kCJ6MAqbAasj7gAgCoAwHIAwiqBIUDT9AL6GqgCNocLTlH49bicMlceexClnbZ7CqcxLPmMsspbhE9pUYZQvCVbBxGVwoI4FMOIJEjYY9QaFI70UqGQ7JZqPC5gECIes74foUPzohLmiNQXm1I_ipHdJOPEH_S7ASka2A7i0dZ7rS69wPIgPoayIdjbLv21yEK1mDzw-Ao3WoIGP51i0LWYB3UuCrqaqfsVwat9nR422ej9z7sWdP-kamK48xdLoo8P_lt2GuCLOC91wsFPgcKLON2WCB_9IRbqsdMkhH2ofqtordXa56Ln4_QJXWXub5SlnjF2gstC4bjUBMB8MgCmCFp5jEHmUXbWlAhT27qnKchlUJ1ycZeQSgBX6r4D8xyKjaRknHI-wQvhG5COhZ_V-5x5fsEQ3e50Av2YhvKNdrhDa6318OXgKOUzWnLlrHfchxdbVF-hKr7XzVP0H8XESmMgzRi6o1qTZ6sZPS2ChqBOVRFKSEzigHfi6-XirrEvDXljO7fXzqnnQt4X0JnzzCvh2GnNERuG8vABNnRicvuA-AEAZIFBAgEGAGSBQQIBRgEoAYDgAep07ADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ7pAM0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTg2MDk1MDE1NDM5MTk3MjgY8tQJ&sigh=xgTyg4IAn_w&uach_m=[UACH]
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3DD1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Apr 2022 11:58:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1577218478367274018
tpc.googlesyndication.com/simgad/ Frame 3DD1 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1577218478367274018
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bb64056828a6bd12602213ec0378cb20e0f6a3d811a308d23c948a09f0ebbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 20:53:53 GMT
x-content-type-options
nosniff
age
227058
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88486
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 15:53:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 20:53:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DD1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
61103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 Apr 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3DD1 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
22477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:43:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AD47
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Apr 2022 11:58:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 8A90 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:11 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
24b3eb6e-6703-4150-90f8-3b330ce492d7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=2153790268243313&bg=!j4yljMjNAAZvJBiFTyQ7ACkAdvg8Wp7wYU4ZD-vhJ_e9Jkalswf01fgawarXTHo3d4Ge6wegCbhrSgIAAABnUgAAAAJoAQcKAC3UuWnFYI3LShHLciu_tYNpDOKu4X6qki6MERNP2z2wJDMk063He9TJBUvQipqZApFr8mmlBRDAf8GuT4EIX9jf6dJay3DjWuDHAGwDwps8Xl9bwF0PWOzYPlyi5hd6M1jsMFb83zMP_nfnFquZJCE1ZI1TGGR4KKon4sbuifD7KpvrW-76OiFpPkSGfQWUdcTxfwBGgT16EyXTFXbNAs3hUe2meLbNIT4f8UlwVFTOz1kxAv_E6Vw4UutbHRWVeSRMawnfCEQ7BNa-H-QV5B5RCHWagPJ4mkCdLnVWkcBpRqHN-wjYvTM6PbqSlukoEHaKNLH66kJ_D8CmKNQXJ3X1eHTN4aYWCyQz5OmXQ9IBCoAVHAy8AgJzEag6WyFlI5wg6ZZjB0RCCJq-Q5AavofLUEvC0SQNuDDrkg3I0fNbiI-rob79V9xVoDOyYsi4O2-Hz_fq8otv8WjRT0BwIhqQc2mOwfIZE0y82lxpXkKcBCZI4zU2aqH5YU3Rfe_R_Bt4avEr_YSrqUhoY8bu6doNx27XXwjFY8ytUo5J24-v2t8tBNjuJVnEkptm-BQKHMDvxiycmQV_R9NKIZ5_EKYYGh2G6WiW2dyIKwogihf3hYFFx95b0ejAx0zUU-Wn9p6xxjpBWn0moIU5pY8hs-2D0quIc485yoT6FxqxVLIOm7jHJVyQ9EMT3pec1P7Thh-DC7AtkMd4nBrcSIzTMP9nRnlZQzZ0EoMycMUz6NvEEZZIWIrdBg-C05NmLzKwdRKbmwXTQRW0Qh3gyFbZL6omxuXYa6TgBRakC5V5vrZNwxJPvsYPukes9c22FeZV0Eu2ds8prgqleF6PYz7tHJwCP21iF1HorDnclWe6Za0e6saGzV8DdqwEl97L_8vfcgn-xXH-MpKcmd8dM3zEZtUP55am4sPN12CH-qzIKLNxALs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame A6D5 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A6D5 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A6D5 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A6D5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A6D5 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
css
fonts.googleapis.com/ Frame A6D5 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 11:19:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Apr 2022 11:58:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Apr 2022 11:58:12 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6D5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
61104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 Apr 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6D5 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
22478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame A6D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeP0OFsMX-mJKkmwQIgRxtc9dfGQzjBgb7QwHrtugKgpsCbed-5EHMXW-cSvmGf7do1QDX
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A6D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClaasU1JdYrO_L4iNrAS72YjYDKbUsdFpz8KUsb8PkJecqusvEAEgzNPnHmCV4pCCoAegAcPgh9sDyAEG4AIAqAMBqgT5Ak_QLkr7jlsF90DORCj8tC8VskWGXRqE798pjhiCwDIlZd9P7VW0GZfg9JiEr04cajBpoeHqeGov7P25RK-u-xlctccOp_wNDHRF5ShLQefyiLjygnyzgA0amHOxU6GQ0ZzrHdvF7shuXRUAY2MAEubN6VrCk5P2HsxjJv_S5aRv6vd9sT7J0nEOB4JKmMCqi-pQCiiT4BskAzk0AmofIJORzF_segEt7VynF3n2DCcMr7oug3PpcH5vt3nD0wzqfU_hPGShebNqUvYi9p4uvBUUu_0NRau72kUoQCO83xxoKadTpa_U9RT48JKLY0R-bXWEendldGOp7TrdUHC1QcFGIZOLo4XRtTY48R6Kd7fOCX7qW49BWJsPPKPtN6rAn3JJdOQsDAr4PJW3hVQylTy-3idIQD8ljWiCGyzxhmeBeN1kh82h7jNYGB8e-fDPcu2NcMukP6ujp0D3XAfbMB6p5HziSH6vNJvfomZHTXKw-ZB2tZnrVg5pwATMpsqN-wPgBAGSBQQIBBgBkgUECAUYBIAHpZ_4JKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENryAtIICQiA4YBwEAEYHYAKA8gLAdgTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi04NjA5NTAxNTQzOTE5NzI4GPLUCQ&sigh=BrRWm2fq5tQ&uach_m=[UACH]&template_id=492
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame A6D5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef2d16ee3edb97fe38c6044a52867f46f94c92726c3f5abb0e7de15e1737332

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A6D5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Apr 2022 11:58:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame A6D5 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ndtv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options
nosniff
age
479490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 22:46:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 2207 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2207 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2207 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2207 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 2207 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Apr 2023 11:22:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2207 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
61104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 Apr 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2207 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
22478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:43:34 GMT
truncated
/ Frame 2207 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b82a5f1d7b6028df265f37ed644acd0267461286715e1b62f7d83361319810b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
8602352194619778615
tpc.googlesyndication.com/simgad/ Frame 2207 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8602352194619778615
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681f75c1b34aaf1f8a0eae3f7426d14538ca9125ed93c289b14ad57b7976a481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 18:26:57 GMT
x-content-type-options
nosniff
age
235875
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109500
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 18:04:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Apr 2023 18:26:57 GMT
l
www.google.com/ads/measurement/ Frame 2207 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTunsyvQeLAw7r7NUj2O1XQ0ulH8F_QwXmyVJ69CRn4iwUamxQRfM4ugOhGen_hpk54gKwj
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2207 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVjGUU1JdYuPBPI7a3wPPxoL4ApWV48VppMTQ-7MPwI23ARABIMzT5x5gleKQgqAHoAG_rM_8A8gBA6kCJ6MAqbAasj7gAgCoAwHIAwiqBP4CT9DjR7MumEzYmkzuNhg6f_x3CyLtoS0GgRkoVwdiS5A6PLDQKsH2T_93pC0HQ666MHpTnMEM-KarQ-WUeeWNGsapJVCHwnFCQI2iB5qzfK--di9-fdV7QzEoel4d-ADnhwyVDzeCfPtanBaG7y33nZACEOJs9HZnL6FTjEsy_oNxaBzlVNCMGheYLVjqcSLuqh0gTroGlPMMoTKK1Xywe4i_nW-8mO-rLc24R23KMnd4eCUEAZL3ziyZiA80fAu6mRQXzdVqlNOx8rZERf13aGWkCq3vlkPBkEBNKO7NauCEIjAM-QJl3w_tL3Lvy32rHcOZ5v2Y1pvhP1_31IeniIV_LhWztA5oPvtx9uEVcnJxw5uamiycfu3xXy0jYNMDBSvpeB3RtRm4s7GCFQ-8w7kVEHkELUTQJXtXBHSpQZykSIItJtDLdZDvcL187K7P08jYM4a8TkEIJ7vjPYVoer3KYHDInP5jaZ25ahBIqYE2ipbvQt3D43MsDrHtw8AE2dGJy-4D4AQBkgUECAQYAZIFBAgFGASgBgOAB6nTsAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC3gh3SCAkIgOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODYwOTUwMTU0MzkxOTcyOBjy1Ak&sigh=9NKAvHJGHHc&uach_m=[UACH]
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2207
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Apr 2022 11:58:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 48CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyyhespPS3T1X1NfKG3BpCPsegM0OF9lcu7WqbsdhI4du3Aq-olU6RCGKv8K4ai9lSbziYyWhj5tUFjDxR4Ah1GVZtSXs50NHOHksAAV9640BlD3v_D25TNJGmlfue50hsI6BNaSKUDgc4IUJtMd4_sqM0yCtFdXmtMA40D9wlAqVtLFw0R6H6KRXjsRRKIv-Rp2Cip6YubN-4EH9-6yB-ztyedGs5GmINYxcMTfbY8fxO6KeoX6gzHazVX9SRbJvc-ooggo1HQ9O_w7r5Dwy5IPosD5pNKW6HPc3g1n7G4wSUv9OSCvd2BUTF1yfQ2HkFzL3mowH6I6kV&sig=Cg0ArKJSzO6RfJ9CYztwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
spt
tg1.aniview.com/api/adserver/ Frame 48CC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=614ae73c247c816b3714756b&AV_PUBLISHERID=614ae5b1d660a1446c352c0d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
67370e47d8b0e16fc5457dfe272ebcaa8e5cf790ce4be3db4a36174e642c9488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4490
Expires
Mon, 18 Apr 2022 12:03:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48CC 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 11:58:12 GMT
player.js
player.aniview.com/script/6.1/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=614ae73c247c816b3714756b&AV_PUBLISHERID=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:19b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5fca8cba66a6135778cc90e42947f68bb3aaa3e09caf7c8db5f19e744bdbd369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvkIV1fC_XY0kX5_g-S_XBPA61AyJK9ln7GKZBvKKL7mg4NYTuZZusyTgTv6dlxIqXODOPrS9UBRRBMUan7TmoNu5g0_oIm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9412
last-modified
Mon, 04 Apr 2022 07:08:12 GMT
server
UploadServer
etag
"ba9366aeb680a4636c0b2a18b33cfed4"
vary
Accept-Encoding
x-goog-hash
crc32c=QvzzUg==, md5=upNmrraApGNsCyoYszz+1A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1649056092024039
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9412
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 18 Apr 2022 12:03:12 GMT
track
track1.aniview.com/ Frame 48CC 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=614ae5b1d660a1446c352c0d&cid=614ae6a95c7eb072a57ff2c6&cb=1650283092587&r=www.ndtv.com&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&e=playerLoaded
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 48CC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3133a894049d9adc7cb8548c5f7db5438f4faaa19c764bf13fcf00acd084176d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
AVmanager.js
player.aniview.com/script/6.1/ Frame A1FB 		365 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:19b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9013854b5bb446878dc7fbb34f6b3d8b2eda5cec70ed60b12d36d9d70ab9df21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduDIQfllaErTFnHZ6fKzKIZHk5rLUbA9sWRI7-p0PRO--Pon8yYTAL2a4aqLVGEka9_EjhiuyE4dW5dZ8APnA8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104676
last-modified
Mon, 04 Apr 2022 07:07:59 GMT
server
UploadServer
etag
"7de6e5450668a3b2906164c0e03cfa4a"
vary
Accept-Encoding
x-goog-hash
crc32c=9F3HOw==, md5=feblRQZoo7KQYWTA4Dz6Sg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1649056079675966
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104676
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 18 Apr 2022 12:03:12 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.ndtv.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=4&d36=6.2.13&apppkg=&fv=3&proto=https&pid=614ae5b1d660a1446c352c0d&cid=614ae6a95c7eb072a57ff2c6&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&e=inventory&vi=0&cb=1650283092716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/4/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/4/?AV_TAGID=614ae73c247c816b3714756b&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&AV_CHANNELID=614ae6a95c7eb072a57ff2c6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.ndtv.com&AV_DADPOS=3&AV_TAG=614ae73c247c816b3714756b&AV_TEMPLATE=614ae7204084214cd6616f24&d36=6.2.13&responsive=1&sver=2&avtoken=92715&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1650283092736
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.80.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-80-154.compute-1.amazonaws.com
Software
/
Resource Hash
4906f379b29e1b33abbb5b6c34e4a97ea3e39dd268d7f734861791a4517e088a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 06 Apr 2022 22:11:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AD47 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqSTWG9IqVRRWWMGVlWvic0QFISCdB-XY9AnLP_8Wp2kMVWZlv5KScFOGPi3g9UkDmYM9cUC9tZo-Y-uwzYG0I0QKEi41rg20etNkE7NOL9zjNLtVsoPvopOWWR1_eca03USMSdi_14GH8&sai=AMfl-YS9EPvSswedxqLo1F9Y-F8Jvjs971PaoBE2RgSU2ZT2C3E4d3-1Iw3W20AgSi6myZ5yk54hTujxAsEsovp6eUUeFkGzD-Oe7pnHUxwdOPv5JRmmMl_d8BV_uqus&sig=Cg0ArKJSzF-BYZy78YKsEAE&cid=CAASUORouVT8jGiRxx0IMrdqd90zaHzZ4wQvjfHKkuL60NhNot_Tq3iKKk9LOeef-vLNPmmlpO3Xy1rGqf5Z8XROO0iw1aZHjXZcuBMuscpy0_Ku&id=ampim&o=1130,143&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=220&tls=1220&g=100&h=100&tt=1220&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3234166115
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=158451
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:13 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 48CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnNEoqzyi1M1EbPedfNt1RroQg-bD1PfrspRRXatMGpl1BPfmrhPI4C6WlMv8liX4NlwKx2bdGiYRmsGdj18cply98_K4vmfe9ZmajhS1Nj3MMV5D3u-S-8B9IyhGaqE7X0LBeWjb5LS4kmtgBBIC-eFMyy-D2erXMkCBZjgBXtogDxKHSxgopcsX9qrqXN5sY6_bwCGb5G7wZoo3e1_ervLpc8N24odsSCUHxlQ1csNB6lHR5CTD58wCl4IDwBf3zdKOk5EV-t8pB1at7fWMak7RyDk5uVFXCg2zLXyS_IQgVQbGlNTQd_b3qTddZapIJBlAAZFDAcVf77IE&sig=Cg0ArKJSzCYuu6RRExQbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Apr 2022 11:58:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB89 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130055
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:58:13 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 00:05:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 470C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D200%26key%3D%5BRX_UUI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D200%26key%3D%5B...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1650283093008-912834300205-005476-003-004954&biddername=200&key=OPTOUT
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1650283093008-912834300205-005476-003-004954&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-158-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 18 Apr 2022 11:58:13 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 18 Apr 2022 11:58:13 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1650283093008-912834300205-005476-003-004954&biddername=200&key=OPTOUT
pragma
no-cache
server
Tengine
occ
ups.analytics.yahoo.com/ups/58543/ Frame 8463 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 18 Apr 2022 11:58:13 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame A1FB 		333 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:19b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c93597f47f53dc63d1240237f5e29975805f3c75126cdd52f0d9ae2c3f6546c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduPvASoAMVBQVgX_d4XJNX27G-rdxgwhbR9E5xqjMw3rEZUlwBAlMDufWxH89ABOkpVOKrVciZU4k0TJB3SM7HJPN6Nyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101816
last-modified
Mon, 04 Apr 2022 07:07:36 GMT
server
UploadServer
etag
"18975d3425053e6131411a505c475946"
vary
Accept-Encoding
x-goog-hash
crc32c=K9qPgA==, md5=GJddNCUFPmExQRpQXEdZRg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1649056055882898
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101816
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 18 Apr 2022 12:03:13 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&&copid=614ae5b1d660a1446c352c0d&nid=59c9148628a0612da3689288&cocid=614ae6a95c7eb072a57ff2c6&ncid=614ae5e4dfd55f034b6d3714&coasid=614ae69d29bdb349a0629fc6&e=request&cb=1650283093092&asid=615d86dde5d6cb411e69c5d4%2C620b8866fe1e7944935c0bc4%2C614c9359d1cd29501548ee14%2C6162c9a6c662c105533b5c59%2C616d772002529277b563308f%2C614d9b913e29bf47246c950c%2C62176d481e1e8f40cb1ddfb4&ofpr=%2C%2C%2C%2C1%2C%2C0.8&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
onetag-sys.com/vast/57e618150c70d90/ 		580 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&player_width=640&player_height=360&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=283093091
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
bd2afc7feff7251f7a8561b0dd06881d95d0cccc162e0f3fb47665254c316ec6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ndtv.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/xml;charset=UTF-8
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
425
PugMaster
image6.pubmatic.com/AdServer/ Frame AB89 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3759666&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1650283093008-912834300205-005476-003-004954%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:12 GMT
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.ndtv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.ndtv.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 18 Apr 2022 11:58:13 GMT
server
ATS/9.1.0.33
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:13 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
af89f810bd0a6c5b863889f0dc97ca8fae16026665e163941e4dfa8c3070f6e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:13 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b691726-a779-460b-9e21-017d81d487fd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A6D5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua_Dsx_dWv3D2usofgJ7068Cu6paxELf4944shF1GvVoPoXfSEM162JX77RTmduu49-tNHnP1BOXvuuknvadsF9jaPptLOWsWb_Pcejrj0SguimW_9XQ&sai=AMfl-YQ4rBD1rx9i6RnKzCIdiweO_bVE6E33-hLs1A_d9tESkl_H68Q2UCs_MtyFFdMTLB9i8zhA9U731W7B-dwt2wI190oIAZLLdQDdhpYtj8E25kl-o8UDJkydEJGW&sig=Cg0ArKJSzKeWB5mV2g5LEAE&cid=CAASUORo5KBtTeU42VUZ6C8FboTFj6jq2cC3g55g4_NCtUr8gKlei8cVEwBg96ZeER25ed8OPnhke4G89TBFZUjjPkGeDXi_4BE28lKK9TaTBgx8&id=ampim&o=1130,779&d=300,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=107&tls=1107&g=100&h=100&tt=1108&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2779928707
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&&copid=614ae5b1d660a1446c352c0d&nid=59c9148628a0612da3689288&cocid=614ae6a95c7eb072a57ff2c6&ncid=614ae5e4dfd55f034b6d3714&coasid=614ae69d29bdb349a0629fc6&e=bid&cb=1650283093340&asid=615d86dde5d6cb411e69c5d4%2C620b8866fe1e7944935c0bc4%2C614c9359d1cd29501548ee14%2C6162c9a6c662c105533b5c59&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A1FB 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128424
x-xss-protection
0
expires
Mon, 18 Apr 2022 11:58:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2207 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqPIXN2x37pEu8HjpBfVeEQw0Ea3z6Jxi3KLi-BOXJ8KaxOsg5S7FUKwVezyXCrXfXdz3B4XFUJOS5ONKWVHa433cfE0AZzLwzzvLoUEnLI6aW95lqcQuUAEulrG2ZJAS3C9zWY9-rJhkf&sai=AMfl-YRjYDWCVfRyDGklJmd6nUAaLr7qzGzbjCpFLZIw7DiYueGk3-ysoutmTM-hVo2m-HVC5FjXt6CioORVSn3vQ-1CB_WrJj1Z9z5Ptojzy5whgzlb-2kmWBWAOV3n&sig=Cg0ArKJSzOHK3G2uqpajEAE&cid=CAASUORoTfu4ffUFP2Exa3MdF13sIoKHZIg5jX-0IxOtU8FURKn0y2xVJv45zZMiw7OxoN52Wa7qbxvvLrxbohS7Z-G-58nVnrsHJA-Vpm1yUirL&id=ampim&o=315,99&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=120&tls=1120&g=100&h=100&tt=1120&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.ndtv.com
URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame CB3D 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
302968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame A1FB 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Apr 2022 11:58:13 GMT
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame 17BB 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
302968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame EC8F 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
302968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame 5CE4 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
302968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A1FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 99E8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:36:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7270 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:36:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B5B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:36:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 76D8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:36:10 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 91F7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
23788
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 11:58:13 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 14 Apr 2022 05:21:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
159827, 424116
X-Served-By
cache-lga21972-LGA, cache-hhn4022-HHN
X-Timer
S1650283094.833582,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 91F7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:13 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
53ea2313-f38e-4003-a384-95a3aea518b7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EC8F 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652678936%2FSMG_Aniview%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1401870010495338&sdkv=h.3.510.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2604914665&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=51D111DC-DAD5-4FF1-90F9-A1C563387241&nel=0&eid=44752711%2C44758348%2C44761692&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dt=1650283094145&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&scor=2884624948273882&ged=ve4_td1_tt0_pd1_la1000_er2615.425.2773.725_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5CE4 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C1068322%2FNDTV_Video_Test_AV_DFP_MCM_0.6&description_url=https%3A%2F%2Fndtv.com&tfcd=0&npa=0&ad_type=audio_video&sz=1x1%7C335x200%7C400x225%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3411751584186316&sdkv=h.3.510.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3342576598&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=51D111DC-DAD5-4FF1-90F9-A1C563387241&nel=0&eid=44752711%2C44758348%2C44761692&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dt=1650283094154&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&scor=2286075636798897&ged=ve4_td1_tt0_pd1_la1000_er2615.425.2773.725_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CB3D 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22652678936%2Faniview_ndtv_vast__du&description_url=https%3A%2F%2Fwww.ndtv.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1296181997164308&sdkv=h.3.510.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2408046288&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=51D111DC-DAD5-4FF1-90F9-A1C563387241&nel=0&eid=44752711%2C44758348%2C44761692&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dt=1650283094159&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&scor=2870389891207428&ged=ve4_td1_tt0_pd1_la1000_er2615.425.2773.725_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 17BB 		156 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22466671215%2C1068322%2Fca-video-pub-6346866704322274-tag%2Fndtv.com_Video_Web&description_url=https%3A%2F%2Fwww.ndtv.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4470525024041150&cust_params=Floors%3D3&sdkv=h.3.510.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2602865546&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=51D111DC-DAD5-4FF1-90F9-A1C563387241&nel=0&eid=44752711%2C44758348%2C44761692&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dt=1650283094164&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&scor=2596514755119798&ged=ve4_td1_tt0_pd1_la1000_er2615.425.2773.725_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 11:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&&copid=614ae5b1d660a1446c352c0d&nid=59c9148628a0612da3689288&cocid=614ae6a95c7eb072a57ff2c6&ncid=614ae5e4dfd55f034b6d3714&coasid=614ae69d29bdb349a0629fc6&e=request&cb=1650283094491&asid=614c9359d1cd29501548ee14%2C62176d481e1e8f40cb1ddfb4%2C616d772002529277b563308f%2C614d9b913e29bf47246c950c&ofpr=%2C0.8%2C1%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
onetag-sys.com/vast/57e618150c70d90/ 		580 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&player_width=640&player_height=360&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=283094491
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
bd2afc7feff7251f7a8561b0dd06881d95d0cccc162e0f3fb47665254c316ec6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ndtv.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/xml;charset=UTF-8
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
425
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ab01e87bb8725cb986eef22a6db89962744cede11de7f4beeaad67ec691a0618
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:14 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c788baf-bbe3-4bc0-ab8f-c8b641ca35c8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:14 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.ndtv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.ndtv.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 18 Apr 2022 11:58:14 GMT
server
ATS/9.1.0.33
ads
googleads.g.doubleclick.net/pagead/ 		0
0
ads
googleads.g.doubleclick.net/pagead/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&&copid=614ae5b1d660a1446c352c0d&nid=59c9148628a0612da3689288&cocid=614ae6a95c7eb072a57ff2c6&ncid=614ae5e4dfd55f034b6d3714&coasid=614ae69d29bdb349a0629fc6&e=bid&cb=1650283094642&asid=614c9359d1cd29501548ee14&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=ADP_ERROR&data=eyJsb2dzIjpbeyJuYW1lIjoiQXBVbmhhbmRsZWRSZWplY3Rpb25FcnJvciIsInN0YWNrIjoiQXBVbmhhbmRsZWRSZWplY3Rpb25FcnJvcjogZmFsc2VcbiAgICBhdCBodHRwczovL2Nkbi5hZHB1c2h1cC5jb20vNDIyNjAvYWRwdXNodXAuanM6MToxMjgxNDMiLCJtZXNzYWdlIjoiZmFsc2UifV0sInR5cGUiOiJFUlJPUl9MT0dTIiwidGltZXN0YW1wIjoxNjUwMjgzMDk0NjY2LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cubmR0di5jb20vd29ybGQtbmV3cy93ZXN0ZXJuLWhhY2tlcnMtdXNlZC1ydXNzaWFzLW93bi1yYW5zb213YXJlLWFnYWluc3QtaXQtaW4tY3liZXJhdHRhY2stb24tcm9zY29zbW9zLXJlcG9ydC0yODg1NDcyIiwicGF0aCI6Ii93b3JsZC1uZXdzL3dlc3Rlcm4taGFja2Vycy11c2VkLXJ1c3NpYXMtb3duLXJhbnNvbXdhcmUtYWdhaW5zdC1pdC1pbi1jeWJlcmF0dGFjay1vbi1yb3Njb3Ntb3MtcmVwb3J0LTI4ODU0NzIiLCJkb21haW4iOiJ3d3cubmR0di5jb20iLCJjb3VudHJ5IjoiREUiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJicm93c2VyIjoiY2hyb21lIiwic2l0ZUlkIjo0MjI2MH0%3D&pxRes=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 18 Apr 2022 11:58:14 GMT
Server
nginx/1.14.0 (Ubuntu)
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame 7E90 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
302969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A1FB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 245D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:36:10 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7E90 		90 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22652678936%2Faniview_ndtv_vast__du&description_url=https%3A%2F%2Fwww.ndtv.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=603716903655982&sdkv=h.3.510.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2612500198&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=51D111DC-DAD5-4FF1-90F9-A1C563387241&nel=0&eid=44752711%2C44758348%2C44761692&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&dt=1650283094804&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&scor=1652529877939547&ged=ve4_td2_tt1_pd2_la2000_er2615.425.2773.725_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a6800dfadc0743c75e5aadd0111ff5c6e65c91734023b355b26367c9e3ed0367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17220
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 91F7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:14 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
07dec4b3-9477-42a7-9730-e4177f788160
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 7E90 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l24ny1gt&c=4480595320116&slotId=2240297660058&qqid=COSils3HnfcCFYepdwod82INHg&gqid=VlJdYqDfMYPQ3gPo3qnICw&fb=ima_html5-lima&sdkv=h.3.510.1&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44752711%2C44758348%2C44761692&met.4=ghmsh_s.l24ny1q3~ghmsh_s.l24ny1q4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=jwFoN2CPmuYOWPXa
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7E90 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3076479851646180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:26:15 GMT
x-content-type-options
nosniff
age
1920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:16:15 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CT4ATVlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgShA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-KwWRHmSMu4s1aGbR_GWv5gswijvbDQZkZOL-aggiyhxMG9JtE537TmEp-GSexsXIxknP0ly4pnSMNk7d8AE0_vclfkD4AQBiAXEhMTOO5IFCAgDEAEYAVABoAZUgAe8zfDfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMTQwNTc3NzcxMTU2MjQ3sQnERSIWhy0KeIAKA5gLAcgLAdALDrgMAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=lPreqMEKFzI&label=show_ad&acvw=&sdkv=h.3.510.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 7E90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CW9Z2VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBkgUICBsQARgBUAGSBQ0IIhADGAFIsaCmAVABoAZUgAe8zfDfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQy9cvqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMTQwNTc3NzcxMTU2MjQ3gAoDyAsBsBP5nvgOwhMGGKyyj6AByBOX5e3eA9gTDdgUAdAVAagWAeIWAggBgBcBshceChwIABIUcHViLTI1NjE0NzAyMDUyODk5MDEYg9Vy&sigh=VeJH0kUR73I&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.510.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame 7E90 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame A1FB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l24ny0lc&c=4480595320116&slotId=2240297660058&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E90 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.510.1&e=44752711%2C44758348%2C44761692&id=ima_html5&c=1656232365483517&domain=www.ndtv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr5---sn-5hne6nsz.googlevideo.com/
Redirect Chain
  • https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&mh=QK&mm=31&mn=sn-5hne...
  • https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...
543 KB
544 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgDuJ1mLRw0Ra7Q8no24B-Lf0EAdjZJXd_PYQNAlOxoq4CICIJc8GGQ8_Duzh06_NKG590vIeWGr4CmWwA-gnOnpVz&cpn=jwFoN2CPmuYOWPXa&redirect_counter=1&rm=sn-5hnell76&req_id=70ed8f499c4d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nsz&ms=au&mt=1650283035&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMST7FTqOrli6o29SmI6UtEH_AfQy26sClx-ShYEp1diAiEA-Fh3ieDbnLgl-5ZVyeOmgnTDKcTZe06R6qXQ0A2gZDY%3D
Protocol
HTTP/1.1
Server
2a00:1450:400e:4f::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
12a4e29c96a1fdfda599991ceae53622141a8bb977b65998435cb017faaa6266
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:58:15 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Mar 2022 05:08:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-556124/556125
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
556125
Expires
Mon, 18 Apr 2022 11:58:15 GMT

Redirect headers

Date
Mon, 18 Apr 2022 11:58:15 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr5---sn-5hne6nsz.googlevideo.com/videoplayback?expire=1650311895&ei=V1JdYs93zOCBB-r3saAD&ip=185.213.155.166&id=d28b69b5aad554b2&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1646888899273497&txp=4432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgDuJ1mLRw0Ra7Q8no24B-Lf0EAdjZJXd_PYQNAlOxoq4CICIJc8GGQ8_Duzh06_NKG590vIeWGr4CmWwA-gnOnpVz&cpn=jwFoN2CPmuYOWPXa&redirect_counter=1&rm=sn-5hnell76&req_id=70ed8f499c4d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=QK&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nsz&ms=au&mt=1650283035&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMST7FTqOrli6o29SmI6UtEH_AfQy26sClx-ShYEp1diAiEA-Fh3ieDbnLgl-5ZVyeOmgnTDKcTZe06R6qXQ0A2gZDY%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Mon, 18 Apr 2022 11:58:15 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CT4ATVlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgShA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-KwWRHmSMu4s1aGbR_GWv5gswijvbDQZkZOL-aggiyhxMG9JtE537TmEp-GSexsXIxknP0ly4pnSMNk7d8AE0_vclfkD4AQBiAXEhMTOO5IFCAgDEAEYAVABoAZUgAe8zfDfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMTQwNTc3NzcxMTU2MjQ3sQnERSIWhy0KeIAKA5gLAcgLAdALDrgMAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=lPreqMEKFzI&label=video_ad_loaded&acvw=&sdkv=h.3.510.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 7E90 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 12 Apr 2023 10:58:43 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 7E90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CW9Z2VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBkgUICBsQARgBUAGSBQ0IIhADGAFIsaCmAVABoAZUgAe8zfDfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQy9cvqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMTQwNTc3NzcxMTU2MjQ3gAoDyAsBsBP5nvgOwhMGGKyyj6AByBOX5e3eA9gTDdgUAdAVAagWAeIWAggBgBcBshceChwIABIUcHViLTI1NjE0NzAyMDUyODk5MDEYg9Vy&sigh=VeJH0kUR73I&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.510.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
B26209695.312711653;dc_trk_aid=505546239;dc_trk_cid=157182492;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIxITEzjuoAqbz6uACsAK_kokMQDsQl-e6AWDEzn4SOfSm4wejIynb90M=;ord=12288...
ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/ Frame 7E90 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/B26209695.312711653;dc_trk_aid=505546239;dc_trk_cid=157182492;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIxITEzjuoAqbz6uACsAK_kokMQDsQl-e6AWDEzn4SOfSm4wejIynb90M=;ord=1228898953;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=15059524440191666319;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMI5KKWzced9wIVh6l3Ch3zYg0eEAEYASAAEgLuafD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil02s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6U76VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBiAXEhMTOO6AGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE0MDU3Nzc3MTE1NjI0N4AKA8gLAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=VZacPlLVgUI&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1826%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1650283095140&sdkv=h.3.510.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IvQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoH7ZmS4o84sqZQBXgmpdCHCuildce0PMciXtrumD9oau9dzMOTarE7hno-HXH26FXthkrv_bMFil07T_QllBDKVf4KnXjvB4brR0rxz12NGLq7Htixg&sai=AMfl-YRosUAeSePklEHcx7tveWRIt4zAYRlR53EOWnqiEFaPJNAis6BzhxdaPy6NU21eW1uBe3WIOwFdJzFVZdzsP7K0mg3JueM6lY5QIZbMcRlx79i_y6Al67R5Jkuy&sig=Cg0ArKJSzDirlePNvkdhEAE&cid=CAASF-Rop90mPzkUeafOR2M3LQoj5bmjUNat&id=lidarv&acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1828%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=15059524440191666319&acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1828%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7E90 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1828%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6U76VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBiAXEhMTOO6AGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE0MDU3Nzc3MTE1NjI0N4AKA8gLAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=VZacPlLVgUI&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1829%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140&sdkv=h.3.510.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IvQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7E90 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1829%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E90 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.510.1&e=44752711%2C44758348%2C44761692&id=ima_html5&c=1656232365483517&domain=www.ndtv.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6U76VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBiAXEhMTOO6AGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE0MDU3Nzc3MTE1NjI0N4AKA8gLAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=VZacPlLVgUI&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&label=admute&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D13%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1834%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140&sdkv=h.3.510.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IvQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7E90 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D13%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1834%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init-1118laf8ur58pv1xytjm.js
api.fouanalytics.com/api/ 		0
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-1118laf8ur58pv1xytjm.js?di=www.ndtv.com&ui=1650283093008-912834300205-005476-003-004954&md=2&ap=&sr=aniview.com&pp=614ae5b1d660a1446c352c0d&ti=88f179c84254fe96a360cc8c612d6880_17231517_9346756&de=2&si=614ae5b1d660a1446c352c0d&dm=640x360&pi=614c9359d1cd29501548ee14&bt=programmatic&gt=DE&ac=614ae5e4dfd55f034b6d3714&pc=&cr=&c1=59c9148628a0612da3689288&c2=614ae5e4dfd55f034b6d3714&c3=614ae5b1d660a1446c352c0d&c4=614ae69d29bdb349a0629fc6&c5=614ae6a95c7eb072a57ff2c6&c6=614ae5b1d660a1446c352c0d&c7=614ae6a95c7eb072a57ff2c6&c8=60a9f081713150376424ef6f&c9=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9njACJAv%2FyHuqIpvGIeQ5ei3jjZmtOVCfGUI6E9tIqaT32qT2oZz2olkiwpyrZZYiFtvkx4wNuwI2ZvpxLA3jVe%2BJpi%2FYMa8AUT%2F5cvc0wgebk6cYby%2BdoBI9Chsv6AFYtbHhO90Z4AMkY8%2BNIiGjEq%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
6fdd3a42fb75900d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&asid=614ae69d29bdb349a0629fc6%7C614c9359d1cd29501548ee14&pid=614ae5b1d660a1446c352c0d%7C59c9148628a0612da3689288&cid=614ae6a95c7eb072a57ff2c6%7C614ae5e4dfd55f034b6d3714&h=1b086029e1809fbfcb7865623f4b7063c2f72b44&d9=1000&ad=20&vi=0&ofpr=0.8&imid=88f179c84254fe96a360cc8c612d6880_17231517_17075674_2&e=impression&cb=1650283094491&ad=20&vi=0&d4=2&d5=2&d1=vpaid&fv=3&cb=1650283094642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&asid=614ae69d29bdb349a0629fc6%7C614c9359d1cd29501548ee14&pid=614ae5b1d660a1446c352c0d%7C59c9148628a0612da3689288&cid=614ae6a95c7eb072a57ff2c6%7C614ae5e4dfd55f034b6d3714&h=1b086029e1809fbfcb7865623f4b7063c2f72b44&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=0.8&imid=88f179c84254fe96a360cc8c612d6880_17231517_17075674_[AVC_WFCYCLE]&e=start&d1=vpaid&fv=3&cb=1650283094642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
nd-24x7.svg
cdn.ndtv.com/static/web/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ndtv.com/static/web/images/nd-24x7.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e2a6bdf273bffa2aa954a722f1e4b011faf8fef932ced3ab8472dbd84a6964d8
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 06:59:29 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=7776000
strict-transport-security
max-age=2628000
accept-ranges
bytes
content-length
1482
expires
Sun, 17 Jul 2022 11:58:15 GMT
nd-india.svg
cdn.ndtv.com/static/web/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ndtv.com/static/web/images/nd-india.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf0d7416fca1a50a7911003233baf97224710870c61940f690b24dbd2e7058b0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 06:59:29 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=7776000
strict-transport-security
max-age=2628000
accept-ranges
bytes
content-length
2363
expires
Sun, 17 Jul 2022 11:58:15 GMT
profit_logo.svg
cdn.ndtv.com/static/web/images/ 		20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ndtv.com/static/web/images/profit_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0ff597f382b4119059eb7eb0c78fe221b8552a3879b93f9bc3d8870d4c97a586
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 06:59:29 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=7776000
strict-transport-security
max-age=2628000
accept-ranges
bytes
content-length
6861
expires
Sun, 17 Jul 2022 11:58:15 GMT
nd-24x7.svg
www.ndtv.com/static/web/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ndtv.com/static/web/images/nd-24x7.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2a6bdf273bffa2aa954a722f1e4b011faf8fef932ced3ab8472dbd84a6964d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 06:59:29 GMT
server
nginx
vary
Accept-Encoding, User-Agent
content-type
image/svg+xml
cache-control
max-age=298278750
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1482
expires
Tue, 30 Sep 2031 19:10:45 GMT
nd-india.svg
www.ndtv.com/static/web/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ndtv.com/static/web/images/nd-india.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf0d7416fca1a50a7911003233baf97224710870c61940f690b24dbd2e7058b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 09:34:50 GMT
server
nginx
vary
Accept-Encoding, User-Agent
content-type
image/svg+xml
cache-control
max-age=300575229
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
2363
expires
Mon, 27 Oct 2031 09:05:24 GMT
4qdnteno_amway-website_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/4qdnteno_amway-website_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1525fb676c2c4a51d19bb5acb09495d6579952f54477606a8266dfe0bc1f56d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
1401
etag
"35be822389530e4386aa650a77961854-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2588355
last-modified
Mon, 18 Apr 2022 10:57:07 GMT
content-length
10800
server
Akamai Image Manager
expires
Wed, 18 May 2022 10:57:30 GMT
ms2eomgo_neetu-kapoor_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/ms2eomgo_neetu-kapoor_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4e19ca1270496b1b96e7e74ead4b34c67133d6f29376d34da8b7a26ac8ca9a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
1431
etag
"131e714f0395c2f22c0d912f1ec09791-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2581016
last-modified
Mon, 18 Apr 2022 08:55:20 GMT
content-length
7432
server
Akamai Image Manager
expires
Wed, 18 May 2022 08:55:11 GMT
f69jltn8_aamirruhee240_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/f69jltn8_aamirruhee240_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9837ff1b9b5c890cfb2000eedb60ad9e1eea565fbb8c8513a6d8a3a1cd8b187c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Mon, 18 Apr 2022 09:52:51 GMT
server
Akamai Image Manager
etag
"a1be27636f5614e9501ed2bd91a7ee7d-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2584483
content-length
7912
expires
Wed, 18 May 2022 09:52:58 GMT
3hcq38eo_alia-bhatt-ranbir-kapoor_120x90_15_April_22.jpg
c.ndtvimg.com/2022-04/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/3hcq38eo_alia-bhatt-ranbir-kapoor_120x90_15_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6a97fba598af2b2ab51ac27ab253e61e66897646280b561b0f9c8ed0feb6d562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
1055
etag
"1b525ffca9ffda7b4aa4117937dc4c0f-1"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2316959
last-modified
Fri, 15 Apr 2022 07:34:20 GMT
content-length
38734
server
Akamai Image Manager
expires
Sun, 15 May 2022 07:34:14 GMT
3q0guamg_aliasabya1_120x90_14_April_22.jpg
c.ndtvimg.com/2022-04/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/3q0guamg_aliasabya1_120x90_14_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
40b0582a0e053cadd789c6a88e0292f9e8711e1a2509c708d147064b85dc71b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
1574
etag
"eb7dc8159456d3b9cd4379ef7f2767ce-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2223633
last-modified
Thu, 14 Apr 2022 05:40:28 GMT
content-length
67008
server
Akamai Image Manager
expires
Sat, 14 May 2022 05:38:48 GMT
tud2qopg_aliaranbirwedding1_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/tud2qopg_aliaranbirwedding1_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
71c84082f06b4c677043354f1b6177134b87adbd1bdb9d48b85905f36110e38b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
20
etag
"3f8d08b5e615a66c60ba5ef341e696a2-1"
content-type
image/jpeg
cache-control
private, no-transform, max-age=2576303
last-modified
Mon, 18 Apr 2022 07:35:50 GMT
content-length
47935
server
Akamai Image Manager
expires
Wed, 18 May 2022 07:36:38 GMT
next_blog_arrow_big_new.png
cdn.ndtv.com/static/ndtv_2014/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ndtv.com/static/ndtv_2014/images/next_blog_arrow_big_new.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2f3c9dfcf089f8cd802a7771c6a5e359baae8cba73fed2153ef0dd802e5ef04c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Mon, 11 Oct 2021 09:34:52 GMT
strict-transport-security
max-age=2628000
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
content-length
1207
expires
Sun, 17 Jul 2022 11:58:15 GMT
prev_blog_arrow_big_new.png
cdn.ndtv.com/static/ndtv_2014/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ndtv.com/static/ndtv_2014/images/prev_blog_arrow_big_new.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
074dcc2dd0041092ca75998f293bc08dee81495a8f1993d9913320cdb3fc1e88
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Mon, 13 Sep 2021 06:59:33 GMT
strict-transport-security
max-age=2628000
content-type
image/png
cache-control
max-age=7776000
accept-ranges
bytes
content-length
1210
expires
Sun, 17 Jul 2022 11:58:15 GMT
e26ja6cc_suth-africa-floods_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/e26ja6cc_suth-africa-floods_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
42dc5d0ebb999932f913982e5274328dd00d6b471e10a21d1eb4788518b874ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Mon, 18 Apr 2022 11:35:02 GMT
server
Akamai Image Manager
etag
"afe08ce8b3f9a76c8442f070452f7be4-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2590591
content-length
8384
expires
Wed, 18 May 2022 11:34:46 GMT
8sr6d1ag_nitish-kumar-ani_120x90_18_March_22.jpg
c.ndtvimg.com/2022-03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-03/8sr6d1ag_nitish-kumar-ani_120x90_18_March_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0545b9603060652c66a0d9d1a71b22696acbcd5cd8a6eca8a5516954852daa7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
362
etag
"8bd7d983a55c7b28502901efdc78337c-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2245510
last-modified
Fri, 18 Mar 2022 11:39:23 GMT
content-length
6552
server
Akamai Image Manager
expires
Sat, 14 May 2022 11:43:25 GMT
rp38hpqg_ukraine-warreuters_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/rp38hpqg_ukraine-warreuters_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
30c5fac86e436689b3c77017c8e2b3f90abe3609b96efb19d3093c8827afefa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
589
etag
"9e525033cebaa6f87feafc67b92f2a32-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2589575
last-modified
Mon, 18 Apr 2022 11:17:52 GMT
content-length
12328
server
Akamai Image Manager
expires
Wed, 18 May 2022 11:17:50 GMT
afg6spm_electricity-bloomberg_120x90_18_April_22.jpg
c.ndtvimg.com/2022-04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-04/afg6spm_electricity-bloomberg_120x90_18_April_22.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c212c11043b37efadf724a3bb4e87c97ba163c9743f24e70abe23359d33ad08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
x-check-cacheable
YES
x-serial
42
etag
"063e70ca8d878a655a8bc71f4fa32dd3-1"
content-type
image/webp
cache-control
private, no-transform, max-age=2589564
last-modified
Mon, 18 Apr 2022 11:17:05 GMT
content-length
12342
server
Akamai Image Manager
expires
Wed, 18 May 2022 11:17:39 GMT
rcgnc2j_apple_120x90_30_March_22.png
c.ndtvimg.com/2022-03/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ndtvimg.com/2022-03/rcgnc2j_apple_120x90_30_March_22.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::24e8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c87df69409c1157dfd6eb38773268bfb11fa55daee7ff2fcb59088e9a72004d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Wed, 30 Mar 2022 17:47:53 GMT
server
AmazonS3
etag
"d693169e007ab2b3d21e002c2394712d-1"
content-type
image/png
cache-control
max-age=2589241
accept-ranges
bytes
content-length
68251
expires
Wed, 18 May 2022 11:12:16 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame AA27 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
470524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 01:16:11 GMT
expires
Thu, 13 Apr 2023 01:16:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
pagead2.googlesyndication.com/bg/ Frame AA27 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 22:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
48740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 22:25:55 GMT
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
playback
s.youtube.com/api/stats/ Frame 7E90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44752711%2C44758348%2C44761692&el=adunit&cpn=jwFoN2CPmuYOWPXa&docid=0otptarVVLI&visitordata=CgtBNVRZbnduVWpQYw%253D%253D&ver=2&cmt=0.207&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.ndtv.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=100.0.4896.75&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA27 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.510.1&bgai=B1s0FVlJdYuSfM4fT3gPzxbXwAQAAAAA4AboFEwig4pTNx533AhUDqHcKHWhvCrk&bg=!ICOlI2fNAAZvJBiFTyQ7ACkAdvg8WjyZqktcUSr7AMF93_dzm4Z6tm-JpxhGyWLdbTUf1E1nBglrEgIAAABUUgAAAAJoAQcKAPF3lviM7MfAPPLFnSpg439TcoWw2k8MzqwutEdg40imW1SLQ-Df6mRE07i8EThDCuktxpClYRYTsYpBzgmDKCGUSA4fK4lIE_p1H2czIJ8DFG5-mkg6Luq9bjbhu0-V6vVa3nifltzpXHtePFwrq3D9FO79jNswkUuHfYb-9DKDnK-n5Lga8tBGGuLoRRPFCeIA8JPkw45qKtJP2AhHqfEDCE3tC_Ycy1t2Q5y9pykMNUjI4GjBVboR_KejaYZepn_FSIXCuNGWDQ8Z6DFphkc7ZcAKH3EYma_wjm0m4p04GzQbAQk9KWLA37J_QYbuUDcDmQJPeVbbzCql55g4Qny28yGZ8VACpjpwgtzS368LyQWEsr-1fajKGLnqVIWpTC5PzdwzdmOo3I9zIGa9DPXrF8K6ndew3ORnYkoX34ccb8BJRNmLwShGmsCfZBfSzNYssqiQ9udomAYoIPtekOWI-MNieIjH7T-34VhXpRECVrnz8B3iTEeJPH2s8vFTDhcNmkpg96MuVDjhg1XzqlUzRYskmsVa8XthRJX8hJ3wHNgYDxVTUJV2btMF63kXvJgxD-HOdtHzp6brkhWBlunA_43toAuiAgZqbmRynH4kFpH9i4aZat3CmO7MPZmQcWUxjqJdHyelvz-6UR663eWdWOVm8CAecQLaQGPQElLfdzALa61k9NGnNq9RtagZVYco8ch_a0r9oPWVy139AsgsCeKcGzu9yBq05JPgCMa6XCZAFPtLxtfHlHUW_85A2YD3L1Obp7cmDXYcCDMIny9LlfTZq0GhwRq1nN1Mx8bbo07Fd53gD8g4HmoEBBEWXuH2BW3pFcBV8_slo4QW5AnERNtbsAAsZHBtCdj0P1_vhjBo7hfSCSaM559rqcK7A-FJc-c7Ktzypa1IViJ1A5j8LUHQpM-K30nzOkOUSAUUXHQ0bZSVngAO8AUS8GoGG0y2rTWDz_LMLUX8w_-NO-fr1hXj1eP9QZcnyKGqDyz7pL8ER48DqFIA7G1sIecJOEw5iqoITGVfw6m5zjQLIlPe4SkurgDLmN-SqX9VIbYQ9oahplzafGpOmY6yWi2rOvt1yVEpY5YGmdNIl4c6vzTn0034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7E90 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l24ny1qx&c=4480595320116&slotId=2240297660058&qqid=COSils3HnfcCFYepdwod82INHg&gqid=VlJdYqDfMYPQ3gPo3qnICw&fb=ima_html5-lima&sdkv=h.3.510.1&mrd=6&aab=1&itv=1&met.4=ghmsh_s.l24ny1r0~vss_tr.cz~ff.l24ny20a~vss_pp.sv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adpushup.js
cdn.adpushup.com/42804/ 		393 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42804/adpushup.js
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355273fd7508ba75e19a97a709204a6448a4f36972a90bd71111417db1688fe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 13:34:12 GMT
server
cloudflare
age
512643
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
x-cf-geodata
DE
cf-ray
6fdd3a4b2aeb6903-FRA
expires
Tue, 19 Apr 2022 11:58:16 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42804/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:16 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
vary
Accept-Encoding
x-hw
1650283096.dop136.am5.t,1650283096.cds237.am5.hn,1650283096.cds302.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
pb.42804.1649770399895.js
cdn.adpushup.com/prebid/ 		351 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42804/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cddd0f22db630a6d8980f83159e6c0cc28a003e628d6bdcd9225782073089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 13:33:57 GMT
server
cloudflare
age
512651
etag
W/"62557fc5-57afc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fdd3a4bdc046903-FRA
expires
Tue, 18 Apr 2023 11:58:16 GMT
f7240bb4-9f75-445f-87aa-d085e08e2dfe
https://www.ndtv.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ndtv.com/f7240bb4-9f75-445f-87aa-d085e08e2dfe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
3743
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42804/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
cloudflare
age
4240481
etag
W/"60d94cdb-1c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fdd3a4c1c6f6903-FRA
expires
Tue, 18 Apr 2023 11:58:16 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?pxRes=false&event=PPID_ANALYTICS_C1&data=eyJ1c2VySWQiOm51bGwsInNlc3Npb25JZCI6bnVsbCwicHBpZEFwcGxpY2FibGUiOiJNaXNzaW5nIiwic2l0ZUlkIjo0MjgwNH0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 18 Apr 2022 11:58:16 GMT
Server
nginx/1.14.0 (Ubuntu)
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:16 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTAyODMwOTY5NzYsInBhY2tldElkIjoiMDAwMEE3MzQtNDE4NDM4YjMtMzQzYy00YmI2LThhYzktNTFkMmJlYjRiZWJiIiwic2l0ZUlkIjo0MjgwNCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3Lm5kdHYuY29tLyIsInVybCI6Imh0dHBzOi8vd3d3Lm5kdHYuY29tL3dvcmxkLW5ld3Mvd2VzdGVybi1oYWNrZXJzLXVzZWQtcnVzc2lhcy1vd24tcmFuc29td2FyZS1hZ2FpbnN0LWl0LWluLWN5YmVyYXR0YWNrLW9uLXJvc2Nvc21vcy1yZXBvcnQtMjg4NTQ3MiIsIm1vZGUiOjIsImVycm9yQ29kZSI6NywicmVmZXJyZXIiOiJodHRwczovL3QuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:16 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTAyODMwOTY5ODIsInBhY2tldElkIjoiMDAwMEE3MzQtNDE4NDM4YjMtMzQzYy00YmI2LThhYzktNTFkMmJlYjRiZWJiIiwic2l0ZUlkIjo0MjgwNCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3Lm5kdHYuY29tLyIsInVybCI6Imh0dHBzOi8vd3d3Lm5kdHYuY29tL3dvcmxkLW5ld3Mvd2VzdGVybi1oYWNrZXJzLXVzZWQtcnVzc2lhcy1vd24tcmFuc29td2FyZS1hZ2FpbnN0LWl0LWluLWN5YmVyYXR0YWNrLW9uLXJvc2Nvc21vcy1yZXBvcnQtMjg4NTQ3MiIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiJodHRwczovL3QuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiYzQ4MjE5YzktYmVmNi00NTBjLTk1M2QtYTA0Y2Y4OGRhMmMxIiwic2VjdGlvbk5hbWUiOiJBRFBfNDI4MDRfMzAweDI1MF9jNDgyMV9ORFRWX05ld3NfUk9TXzMwMHgyNTBfQlRGIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80MjgwNF8zMDB4MjUwX2M0ODIxX05EVFZfTmV3c19ST1NfMzAweDI1MF9CVEYiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:16 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 25 Apr 2022 11:58:17 GMT
adpush
adpush.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adpush.technoratimedia.com/openrtb/bids/adpush?src=prebid_prebid_4.43.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.148.45.191 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ndtv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.ndtv.com
age
0
date
Mon, 18 Apr 2022 11:58:17 GMT
server
nginx
via
1.1 varnish
x-varnish
883861223
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220418
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3113f69bb04f4800ae206915ee9ca4970d6141040a035a8d9f95bbcbd2cd678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32240
x-jsd-version
1.0.1314
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-itm18835-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-kdQhJwMK6yD7ryCGeRKGJ3ik1wM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjbhBzzEBBDIy8Ce8cOshPTn8H1WZ3j6eofrSqm0EHuUf%2F9ttL6%2Fe%2BmZlr0G%2FZmU3TMfdZ4O9Gw0VcxuWWONK908OWoiKyVadWeGumOzbnDNUIk8v2YJmVOCmD%2B7ICmpPWeX5PNiOBgec7QmKt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fdd3a4cbda49966-FRA
access-control-expose-headers
*
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.173.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-173-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d3a0b3f90ea805e2fe0963729af768086ee5408a8e89986dcf0c8c868a33d2e1

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=383960&zone_id=2133460&size_id=15&rp_schain=1.0,1!adpushup.com,7211546524c2c50f57c12fd724655910,1,,,&eid_pubcid.org=3c50ec84-8acd-49b4-bad3-d626040d9983%5E1&eid_quantcast.com=P0-1987710438-1650283090083%5E1&tpid_tdid=d087d92f-ab61-4541-8997-7fa4bf9836c4&eid_adserver.org=d087d92f-ab61-4541-8997-7fa4bf9836c4&rf=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&tk_flint=pbjs_lite_v4.43.0&x_source.tid=a6afa702-3f5b-4e1f-951b-dead9922c6c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40532901133073995
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1225499c83b1fecef024adbb27460d262a734ec785d76e718d17787281d31fff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:17 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		55 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&CanonicalUrl=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&PublisherDomain=https%3A%2F%2Fwww.ndtv.com%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
67a23548053e4fe2e7b49ebe723ba175765cb95aebf8daba821d69b6351b2c6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:16 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ndtv.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
55
expires
0
v1
prg.smartadserver.com/prebid/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:16 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpushup-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6fb6e9d9-3190-4a5d-8c2f-b9ddf54cdff3&nocache=1650283097056&pubcid=3c50ec84-8acd-49b4-bad3-d626040d9983&quantcastid=P0-1987710438-1650283090083&ttduuid=d087d92f-ab61-4541-8997-7fa4bf9836c4&schain=1.0%2C1!adpushup.com%2C7211546524c2c50f57c12fd724655910%2C1%2C%2C%2C&aus=300x250&divids=ADP_42804_300x250_00000001-587e9c21-66a1-4c40-9c4b-7727676561b9&aucs=&auid=545650236
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
dc07b50cb073334c01a32b936de167c4ed545b334bf57e4377e0914c098efb5f

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ndtv.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a2893285-8a48-4624-a261-4f7b54066808&nocache=1650283097057&pubcid=3c50ec84-8acd-49b4-bad3-d626040d9983&quantcastid=P0-1987710438-1650283090083&ttduuid=d087d92f-ab61-4541-8997-7fa4bf9836c4&schain=1.0%2C1!adpushup.com%2C7211546524c2c50f57c12fd724655910%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A200%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545650242&vwd=300&vht=200&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
via
1.1 google
server
OXGW/18.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ndtv.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
e.serverbid.com/api/ 		711 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6bc8c93d1550a77f45c0fe4c93df72a6020cd4b6c6d8296a7aaf69771ad48682

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:16 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
prebid
prebid.media.net/rtb/ 		1 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4299d2671ab41311064d1d2de412d6ef93e1f8cff8cc38cd67326b0c6f30db68

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
v2
i.connectad.io/api/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:58:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6fdd3a4ec98e9ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adpush
adpush.technoratimedia.com/openrtb/bids/ 		53 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpush.technoratimedia.com/openrtb/bids/adpush?src=prebid_prebid_4.43.0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.148.45.191 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
869f1aefcd289d14fa401b99a115ae0ca04252c702ca483fbb11c273ef686d44

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 11:58:17 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentials
true
x-varnish
864466959
content-length
78
via
1.1 varnish
c
prebid.a-mo.net/a/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
99
vary
origin, Accept-Encoding
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.116.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ndtv.com
date
Mon, 18 Apr 2022 11:58:17 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		94 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
3d52f3a0899cf3d2018c710f7a621c65fdae97d878b19bee74243af5e7cdc4c8

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 18 Apr 2022 11:58:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ndtv.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=38171853666
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:58:16 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.ndtv.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ndtv.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/ 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=702039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22298270948badc6e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22quantcastId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%227211546524c2c50f57c12fd724655910%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d087d92f-ab61-4541-8997-7fa4bf9836c4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230b2ff6a102e64%22%2C%22ext%22%3A%7B%22siteID%22%3A%22702039%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
561ec16985560775a59129b7fb9fe44507fc6bf03d09f66680d3434952976918

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 18 Apr 2022 11:58:17 GMT
cygnus
htlb.casalemedia.com/ 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=702039&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22298270948badc6e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A1%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22quantcastId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%227211546524c2c50f57c12fd724655910%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d087d92f-ab61-4541-8997-7fa4bf9836c4%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230b2ff6a102e64%22%2C%22ext%22%3A%7B%22siteID%22%3A%22702039%22%2C%22sid%22%3A%22300x250%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
561ec16985560775a59129b7fb9fe44507fc6bf03d09f66680d3434952976918

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:17 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ndtv.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 18 Apr 2022 11:58:17 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fda0ece311fd4b118b1c0425fe36f03dca3189ee41db0de65915e84a6356dc81
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:17 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b6a35148-3c91-429f-8191-ee5494e7c23b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ndtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&asid=614ae69d29bdb349a0629fc6%7C614c9359d1cd29501548ee14&pid=614ae5b1d660a1446c352c0d%7C59c9148628a0612da3689288&cid=614ae6a95c7eb072a57ff2c6%7C614ae5e4dfd55f034b6d3714&h=1b086029e1809fbfcb7865623f4b7063c2f72b44&d9=1000&ad=20&vi=0&ofpr=0.8&imid=88f179c84254fe96a360cc8c612d6880_17231517_17075674_2&e=sec3&vi=0&d1=vpaid&fv=3&cb=1650283094642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csi
csi.gstatic.com/ Frame A1FB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l24ny1rr&c=4480595320116&slotId=2240297660058&met.4=hvd_lc.l24ny1rr~hvd_ad.l24ny1rr~hvd_mad.l24ny1rr~hvd_admu.l24ny1rr~hvd_src.l24ny1rr&ps=640x360
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6U76VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBiAXEhMTOO6AGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE0MDU3Nzc3MTE1NjI0N4AKA8gLAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=VZacPlLVgUI&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&label=videoplaytime25&ad_mt=3977&acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4026%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D820%26pst%3D415%26dur%3D15000%26vmtime%3D3976%26dvs%3D0%26dfvs%3D0%26dvpt%3D4013%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D44%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5846%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140&sdkv=h.3.510.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IvQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7E90 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=15059524440191666319;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4026%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D820%26pst%3D415%26dur%3D15000%26vmtime%3D3976%26dvs%3D0%26dfvs%3D0%26dvpt%3D4013%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D44%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D5846%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1650283095140?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360&asid=614ae69d29bdb349a0629fc6%7C614c9359d1cd29501548ee14&pid=614ae5b1d660a1446c352c0d%7C59c9148628a0612da3689288&cid=614ae6a95c7eb072a57ff2c6%7C614ae5e4dfd55f034b6d3714&h=1b086029e1809fbfcb7865623f4b7063c2f72b44&d9=1000&ad=20&vi=0&ofpr=0.8&imid=88f179c84254fe96a360cc8c612d6880_17231517_17075674_2&e=firstQuartile&ad=20&vi=0&d1=vpaid&fv=3&cb=1650283094642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.ndtv.com&rs=www.ndtv.com&sid=26536&t=1650283093&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=614ae5b1d660a1446c352c0d&test=4&aafaid=&proto=https&uid=1650283093008-912834300205-005476-003-004954&cha=0.1&stagid=614ae73c247c816b3714756b&stplid=614ae7204084214cd6616f24&d35=&d36=6.2.13&cb=80320118832&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=614ae5b1d660a1446c352c0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.68.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-68-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ndtv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 11:58:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ndtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2153790268243313&correlator=2059828317824349&eid=31065714%2C31060545%2C31065454%2C31064624%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=103512698%3A1068322%2C22548696233&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=7&adks=3669634540&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42804%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dfalse%26faid%3Dfalse&sc=1&cookie=ID%3Dd317da4ffd7b4706%3AT%3D1650283090%3AS%3DALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg&abxe=1&dt=1650283100066&lmt=1650283100&dlt=1650283089043&idt=840&biw=1600&bih=1200&adxs=1130&adys=1204&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=4&ohw=300&ga_vid=817571239.1650283089&ga_sid=1650283091&ga_hid=1702610171&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c29e442d2011e4719ad14e163a6e9179c2adcb6c2add183ad27ccfdb3cac1a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9820
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ndtv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42804.1649770399895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Apr 2022 11:58:20 GMT
syncframe
gum.criteo.com/ Frame 3649 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ndtv.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:20 GMT
server-processing-duration-in-ticks
1880
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ndtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Apr 2022 11:58:20 GMT
sid
mug.criteo.com/ Frame 3649
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ndtv.com&sn=ChromeSyncframe&so=0&topUrl=www.ndtv.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Irc_GnwwekJPSTQ4NkllOGh4ZWZpS1lNbmJGOHFLcjRLN2tVS2xVR051VEt2bDFTL2tZeEllcitJV1BXYmdSSmxMT0dXVEZndk0xUnJJdFhCaUVTVk50Uy9wWkZ3alphTm11M2JTYUE4SDA4NURqUnRiTFpUVlVTZHNKOU...
427 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Irc_GnwwekJPSTQ4NkllOGh4ZWZpS1lNbmJGOHFLcjRLN2tVS2xVR051VEt2bDFTL2tZeEllcitJV1BXYmdSSmxMT0dXVEZndk0xUnJJdFhCaUVTVk50Uy9wWkZ3alphTm11M2JTYUE4SDA4NURqUnRiTFpUVlVTZHNKOUlKc2VWNksvWnA5Vzl5Y01OUkg2S24yejczSXYxdVlNYVlmdmpheFgzZzI0cnlPSHJYTktzUXVLOUdGVFBpL1RJN1BzZWVENFc5a01EL21FWDdXRjFuczZJeGhaZG11blVENzZIb2V0bUxSUXUyeTF2Sk1BQTZaQTNnRWZ1ajRpT3VTdkNSWlh2SjhWUHBERlhJbVlReXNucDlNRTVuZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
49db2f6fcf6efeeb6577fa14e48c7d22e711ba449ea382ca9b91ef04c128bca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3016
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Irc_GnwwekJPSTQ4NkllOGh4ZWZpS1lNbmJGOHFLcjRLN2tVS2xVR051VEt2bDFTL2tZeEllcitJV1BXYmdSSmxMT0dXVEZndk0xUnJJdFhCaUVTVk50Uy9wWkZ3alphTm11M2JTYUE4SDA4NURqUnRiTFpUVlVTZHNKOUlKc2VWNksvWnA5Vzl5Y01OUkg2S24yejczSXYxdVlNYVlmdmpheFgzZzI0cnlPSHJYTktzUXVLOUdGVFBpL1RJN1BzZWVENFc5a01EL21FWDdXRjFuczZJeGhaZG11blVENzZIb2V0bUxSUXUyeTF2Sk1BQTZaQTNnRWZ1ajRpT3VTdkNSWlh2SjhWUHBERlhJbVlReXNucDlNRTVuZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1644
content-length
541
expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 217B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158451/3766/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=23339
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:58:20 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Mon, 18 Apr 2022 18:27:19 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 217B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39412451&p=158451&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
adebbd97630c89f9d33e4d02db4fba45f2a359328c7d71f0de6efa2cd3dd6d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 2459
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 18 Apr 2022 11:58:20 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 18 Apr 2022 11:58:20 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D8FA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee2a625d-525c-4a00-97d2-33eb680670ee&gdpr=0&gdpr_consent=
42 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee2a625d-525c-4a00-97d2-33eb680670ee&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 09:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug015:0:294

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 18 Apr 2022 11:58:20 GMT
Expires
Mon, 18 Apr 2022 11:58:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee2a625d-525c-4a00-97d2-33eb680670ee&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 9D3B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3237071030811823122
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3237071030811823122
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 04:22:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0027:0:2483

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3237071030811823122
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0991
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 04:05:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug024:0:362

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:19 GMT
expires
Mon, 18 Apr 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
3210463
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 217B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130048
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 20 Apr 2022 00:05:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fa2f625d-525c-4a00-b01c-92eb7a46d052
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fa2f625d-525c-4a00-b01c-92eb7a46d052
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 18 Apr 2022 11:58:20 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x49 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fa2f625d-525c-4a00-b01c-92eb7a46d052
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Apr 2022 11:58:19 GMT
mw
mwzeom.zeotap.com/ Frame 217B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B0A4F84F-A117-4F62-8BBF-924C0AFEABA4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=d087d92f-ab61-4541-8997-7fa4bf9836c4&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=76d4a00704022d6b/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=76d4a00704022d6b/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=76d4a00704022d6b
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe1b3b0b69c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN-YMWuBvX63N8VfsIAY0Q0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEN-YMWuBvX63N8VfsIAY0Q0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe1b3b0b69c&zcluid=76d4a00704022d6b&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6fdd3a663ba19007-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEN-YMWuBvX63N8VfsIAY0Q0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a65c3258-1295-41f7-7bc9-83438819dfcf&reqId=0cd30dd2-5b41-4a89-5f9b-abe1b3b0b69c&zcluid=76d4a00704022d6b&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjBBNEY4NEYtQTExNy00RjYyLThCQkYtOTI0QzBBRkVBQkE0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:374
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEx7AuxDaWv3zv269xMh4B0&google_cver=1
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEx7AuxDaWv3zv269xMh4B0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 05:05:05 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0026:0:358
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEx7AuxDaWv3zv269xMh4B0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 217B 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 17 Apr 2022 11:58:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2869244627131613056
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2869244627131613056
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 09:34:05 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug016:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2869244627131613056
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d087d92f-ab61-4541-8997-7fa4bf9836c4
42 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d087d92f-ab61-4541-8997-7fa4bf9836c4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 09:34:56 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug019:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d087d92f-ab61-4541-8997-7fa4bf9836c4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8609762859183615369&gdpr=0&gdpr_consent=
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8609762859183615369&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:20 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e12b9968-b886-4971-b120-76e7103a79b4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8609762859183615369&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 217B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RT9b_EY_W6pePFf5RjlDqUFrDaFeOQ2vQDx5NiAF
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RT9b_EY_W6pePFf5RjlDqUFrDaFeOQ2vQDx5NiAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 04:22:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RT9b_EY_W6pePFf5RjlDqUFrDaFeOQ2vQDx5NiAF
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
container.html
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2603 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ndtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:11 GMT
expires
Tue, 18 Apr 2023 11:58:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0F8C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2603 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALp5NsS-kxNcavOL6Ln3FUI_ETE6A0mpiKmli21WmP49Q3SFdPKGVZHvoX7fElxBud5EeTLDVjRFJcuMHS_PZr02W28gS7TM5g8JR_otQ-FH1XHFArvb-BPqdGYL0sJEizr_UYttmMX8Pr2b3QaVCO-3Bf_w&dbm_d=AKAmf-DreTeWDJyID7lxelvQRAf_SKlGws5_-RiafXgAh_GIdV9WaKPnlW-TH_QsBz9OEW-nmGMz0ypC7Y5tXwciqIQgue2Wq4rD9WOrEaGgf9q966ITE8vRJUdBKoVbf4Btw9YKH9n-OG4EKVVYvjbGNXRIEfloyGKKTFEE-GQrWcUY_oH7pbdqA8HoUel3T3P-lVCqy4h-j-z5mb0gkveVIRuobHZq09KeV2XP4QVbQ5c66_ITRw80hrXwoqWMKdyRHYa2Dd9vj8PhqnQtdwQhvvXfb7i4YDmDC4sZZYN-q5cwUC1wyl6tBcGvfiAF4eLOeuRNV8igXBybmyvnUVfrIkXt69YsleDatrltpWhBh6tgCzrvim6ZQCpn1gthD8Y3H1_-qLQl8nAnmV5atoiw-LVcjV6oLkScVx8HOkSacdeOfRYNOJmRMX0BrdHufztAvj2tPRY8w36ax6r65p22zgFSrqG1lv4c-KtMC1NVVGR_CK9ZXjSVZPHqbdd_2FnWmG9UkFuDsdjqfXdRpgqCV6XfdaN4ly_u4bAPzZDqSHHIvIspLgAYHu9bRWEcM0PaoOYQ0cCWk3nGPrOQS4Klkko_FheCQbHpcfrp-UMz5ZpT-p-zsNHUuq8XKTLcIRDHvdUKYww-u-t6ynCkAJQaHOT-nM0ln9kOHkaxf-GnttrrsRPu3G2T-8xZaM33V182lep37uNkR67KxIdZPyN4hrP4COJq7WcKgeBmlATh4p4YjECR57Kdis6uZsAmNkID1rKiseYhHSx1S_2Fj7sHgoR5fL9RmT-kUEdsOBAsuwJ7Ff-12ckTwFOIoV_VRMqAdbPO2Y9QdMyUJoUiDEN4cxbFRDAiA7-sfI9zePxtI6RlSkAK-boW9WJ_dbQwE0yiB8cRvGlZZEdzjx8pD_FGRIv-u0iaTGpXgJbf8WJsgWU88CNtIKzsHZyZJja9IrAHNe6PVz2ZWl7PvdZ_RHxfZlR0werAqlL9GVaYMcDrbuMzPAUYMfnWvMARejo2W2_x0MJbon44RVslJrI9MAUl3MhZiPYljmFYNzmQzzeUaz8coECjy7DWU3EC91FdEjoBjHtFgUOaa-xArGQ4HHuZEeqyWdTlOw3Q5MaoMkOZsaGoKuj6l02yzwfQybgJFjDNjaLsSSZ4mYr0l_YLmCrxlj7A0texELIm27pWSlu28a74WfGRdwv17_BL6Ov3Z4ruT4rlbIWqDJv4uVzuC2FYYDUg7ZvPcDj9JXc5pfKxQYTLubHwilWYndqhAiKfErnAPkWh2P-DFUElD1j3lrEX0DE-wTT1JF36r5SgaKHstK8uiEUhy-Zn1JxFR-hiJ2zvfYOS9Vl-aO2-n-LJ8f47torBPEaQ5pGWukxDGbdn3ZUAT8rdnqScH4csR19DbqCQN9URG5xnHN5CmlS_QI45X3THjh0RQdK0UQ1N5A5ywDwKRk7bPcrKg9kOrNYchvKk4WVk_2qnB6JSeGWToz_QaEDUkAwWXibAj6EOHuJk8pYOv3EO87SxMflpBu76gKgDClsoP3UxI-L4GB8_qpAQEXAVKxF6oOIxCBLEm3GIzk4DwZ9VHsk3s4O_j3K11eUK60MFp9XewWXqW9dWmz-u4oZs-RrrWVYJ9--yBYZ_FNwe55zTGOOsDFY1k7Oi2CL0U4DvNGhNQIm3kngaJg9eTk33ZMMqKx5kA_N34UYqV1Lyn7g-yhf8cm0CD3rldoozeJXnQKs116bC5pxIj1VL_Z1keQdUslf97tpFzdmI2lXuqaaBrQlyGIywVVq5waQYnEXgiX1eJ3U6qyYpFt1WD-Sje2WNR3xtuLBAO3wXzbhwY2e57KljsFD47rRRq-U-6dFBAlgVDmZLTOSNj5a5ZRn_CbCHrAl_7GZq7nlhag4AoYw4g3aHqHgmQmH-orMYy5CKnb5iyrADw7RFbuwKT-e2W70BC_mpmNitTsVxkBBBhsqthUn4xaXOAipbyRIDryWteatIUCuwYDCgnRExYDYrmjzindVBRoV32oRmbLGPulKcIREIawcHrpGqGiDZYQV3v6vpPHTCv2OZZln23LwPNbaAc5qBtUebb-E81qKbsmyCLJpX4c32iZxo3B7oPVbvXlY57QFqIlwzIbDIG5WX27nGG-JJfE9z-DXwTkZUBJI8gQFb_xsZSAI2yzfPVyG4P9F-bTkXjFnqBNSTmjwOQ3Uasj1ax_4_400NI2tCwBr4bxLnblOG6TSihmdlsBt4nxViMMO_lsUKogeN3o3AYpx7SbCV74V-5RM8CZly1LJrKfK-CsCGV_0i9r5AM32K-4Z0V2uygoBHcpogqRRWOMGxQYSgG7qFazvllztaDOPuYf2doqvlOiSwYSb1ZHzvGgPmDp7sQWGPT53ZSKdu2XXSp_CF_oLYgDtx5bWcV0DEu6R7WbL7M8AQA4dVEiaOgldpfZ3Jp0qUYHrDdwROJKjUXZV18sTRnJv2SzFZQ_r7Qt6cam1TlT1SHHp2K9eEwmSZg16OmobQPaEpVzeWjr5yw-r-_jw4fqsCPyebK3FHPR5pKa7r-jXZa18yNjPpSf077_inwiHBZPszXdiE9LdTRsgyfGAQB1B2mwM3ZTsjc-XKfusqiMCLodjfm7BHHb9HMi3dirPNBUKJfwQiuVHokDZmBP6wIKSu4DraFHJPp9K_R25MGvMUGN1rsH52Fb774ju52pfj5TbPl-3z8smtiWUZQnxelHZO0JS08pfyDTDymi0kodOwB3t28kr0XYYJXumvJOA-5z2BvQjpU5NarJ02CM0dK_dPHbW11d_ty7JHPvf3pLlbC4t7TW7yixS7yk8Rmf1Tg_PIP6xxsigibp4qRIFwczLChPC0ysnTVr7QwGdJmJ21xZd1aRwszxDvNo8SjtmVI7g6Hp47rmO0hBXs5wXW5Bqj-r_hcxJmtQpZjZXZqQS0CQts1rY3ODNzYgnyxP6Vvmub_ZMxtJYr3PD8JjSpV-B1i_aYM348R2UAWcfofErbGUhzoTonGihVsUcwLh1qLxLTmUfUPLAigbw3LjGwrH1z6UEMCqdwQ1lIeneprr2CSkzEWvcC-AjUdcqVNsgRziKmzjhaocHNYVGYIP7rWVfILhgDoEFSMk2II-acuPqBotBGextgqZuqo03X6BiYpEhhlFQHbUTWe6baGKxJh05DBnj9XjW_0V1oaU7T-wy8HqCkUab8tkXga6yzYVz9QnFKqU8991txgpoXNO8M_y3RPK-k5dfnak-eehxEszRXDJ4qyfTeAemJc1oYYId4PWZMGr2-a88hjAwLs660l2Co1HHxkkf0v0BCVmGXULxsZJpNgIcyUYy2qqDmM18eucX7B48sxMcyyZdEGjr_o1RuBwrPv9f3ocDEor_jmFhNrL26Qhx7HQhCcn702BaoFd72q-HArB9HtgJ_zvyKE4Ax3-Y960WIbl09oVYxObgrdIs3smZMUPsoNCDP91lKJSVx_-nBpkC7aegC0DaT3E825v-24hpW2D22jyriCsnnJ47BcSAknENRkUqTiGTpq9KZ7kTBncuQvA&cid=CAASJeRoDQsXxoSRbB3A2ZntSaofhE4QRS_BR_MS7z9IGKydFlOgRjM&rfl=1%2Chttps%253A%252F%252Fwww.ndtv.com%252F%240
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6800d6ebc338380bd001473745bf2f95b48ab5c140f9faff200ab728500a6c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34138
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2603 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVXLyUV4m6h_P6Jo-uqI31laeYbibFNPHD_X_oLJeBqpIjLykMCbIuJISocZ-uXt-5flNs1rhQqFO7ZaG8jH8AZs35dgRHyED-Z-NzHvmCEO124dc
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2603 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:53:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 May 2022 11:53:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2603 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 11:58:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2603 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 May 2022 11:50:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 0F8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 11:58:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0F8C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl1SU2bP0H8x5hwEskKzKAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 11:58:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2BaU83T3FzupI2RSNmzPs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0F8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIytdGaOGG2p_qjtEevZTes&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIytdGaOGG2p_qjtEevZTes&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:20 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3255c888-fc0b-4c10-a3b4-ce976cd3df51
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIytdGaOGG2p_qjtEevZTes&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F8C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwOTc2Mjg1OTE4MzYxNTM2OQ%3D%3D
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwOTc2Mjg1OTE4MzYxNTM2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNXuE1RGUmjE7D8NfUrB4Xxk3bdNkTW9I5Xvpd3e2jgP8eX2iA8BX1_mwSgDm37HPyO4s8TNFvxgnWmzn9Nz_03FsR6xdXtb3J55oA6RAEQhrCIZiGY4AzXQNBsVKcgMF4D0-AEaShzc_5keWmUHj1aHcZ8oWiEN5ZebNAaQmPn2Ba1xQ6M
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:58:20 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3444a9be-aa86-4bc2-8b64-88b539112da5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwOTc2Mjg1OTE4MzYxNTM2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2603 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
Origin
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Apr 2022 11:47:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 2603 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALp5NsS-kxNcavOL6Ln3FUI_ETE6A0mpiKmli21WmP49Q3SFdPKGVZHvoX7fElxBud5EeTLDVjRFJcuMHS_PZr02W28gS7TM5g8JR_otQ-FH1XHFArvb-BPqdGYL0sJEizr_UYttmMX8Pr2b3QaVCO-3Bf_w&dbm_d=AKAmf-DreTeWDJyID7lxelvQRAf_SKlGws5_-RiafXgAh_GIdV9WaKPnlW-TH_QsBz9OEW-nmGMz0ypC7Y5tXwciqIQgue2Wq4rD9WOrEaGgf9q966ITE8vRJUdBKoVbf4Btw9YKH9n-OG4EKVVYvjbGNXRIEfloyGKKTFEE-GQrWcUY_oH7pbdqA8HoUel3T3P-lVCqy4h-j-z5mb0gkveVIRuobHZq09KeV2XP4QVbQ5c66_ITRw80hrXwoqWMKdyRHYa2Dd9vj8PhqnQtdwQhvvXfb7i4YDmDC4sZZYN-q5cwUC1wyl6tBcGvfiAF4eLOeuRNV8igXBybmyvnUVfrIkXt69YsleDatrltpWhBh6tgCzrvim6ZQCpn1gthD8Y3H1_-qLQl8nAnmV5atoiw-LVcjV6oLkScVx8HOkSacdeOfRYNOJmRMX0BrdHufztAvj2tPRY8w36ax6r65p22zgFSrqG1lv4c-KtMC1NVVGR_CK9ZXjSVZPHqbdd_2FnWmG9UkFuDsdjqfXdRpgqCV6XfdaN4ly_u4bAPzZDqSHHIvIspLgAYHu9bRWEcM0PaoOYQ0cCWk3nGPrOQS4Klkko_FheCQbHpcfrp-UMz5ZpT-p-zsNHUuq8XKTLcIRDHvdUKYww-u-t6ynCkAJQaHOT-nM0ln9kOHkaxf-GnttrrsRPu3G2T-8xZaM33V182lep37uNkR67KxIdZPyN4hrP4COJq7WcKgeBmlATh4p4YjECR57Kdis6uZsAmNkID1rKiseYhHSx1S_2Fj7sHgoR5fL9RmT-kUEdsOBAsuwJ7Ff-12ckTwFOIoV_VRMqAdbPO2Y9QdMyUJoUiDEN4cxbFRDAiA7-sfI9zePxtI6RlSkAK-boW9WJ_dbQwE0yiB8cRvGlZZEdzjx8pD_FGRIv-u0iaTGpXgJbf8WJsgWU88CNtIKzsHZyZJja9IrAHNe6PVz2ZWl7PvdZ_RHxfZlR0werAqlL9GVaYMcDrbuMzPAUYMfnWvMARejo2W2_x0MJbon44RVslJrI9MAUl3MhZiPYljmFYNzmQzzeUaz8coECjy7DWU3EC91FdEjoBjHtFgUOaa-xArGQ4HHuZEeqyWdTlOw3Q5MaoMkOZsaGoKuj6l02yzwfQybgJFjDNjaLsSSZ4mYr0l_YLmCrxlj7A0texELIm27pWSlu28a74WfGRdwv17_BL6Ov3Z4ruT4rlbIWqDJv4uVzuC2FYYDUg7ZvPcDj9JXc5pfKxQYTLubHwilWYndqhAiKfErnAPkWh2P-DFUElD1j3lrEX0DE-wTT1JF36r5SgaKHstK8uiEUhy-Zn1JxFR-hiJ2zvfYOS9Vl-aO2-n-LJ8f47torBPEaQ5pGWukxDGbdn3ZUAT8rdnqScH4csR19DbqCQN9URG5xnHN5CmlS_QI45X3THjh0RQdK0UQ1N5A5ywDwKRk7bPcrKg9kOrNYchvKk4WVk_2qnB6JSeGWToz_QaEDUkAwWXibAj6EOHuJk8pYOv3EO87SxMflpBu76gKgDClsoP3UxI-L4GB8_qpAQEXAVKxF6oOIxCBLEm3GIzk4DwZ9VHsk3s4O_j3K11eUK60MFp9XewWXqW9dWmz-u4oZs-RrrWVYJ9--yBYZ_FNwe55zTGOOsDFY1k7Oi2CL0U4DvNGhNQIm3kngaJg9eTk33ZMMqKx5kA_N34UYqV1Lyn7g-yhf8cm0CD3rldoozeJXnQKs116bC5pxIj1VL_Z1keQdUslf97tpFzdmI2lXuqaaBrQlyGIywVVq5waQYnEXgiX1eJ3U6qyYpFt1WD-Sje2WNR3xtuLBAO3wXzbhwY2e57KljsFD47rRRq-U-6dFBAlgVDmZLTOSNj5a5ZRn_CbCHrAl_7GZq7nlhag4AoYw4g3aHqHgmQmH-orMYy5CKnb5iyrADw7RFbuwKT-e2W70BC_mpmNitTsVxkBBBhsqthUn4xaXOAipbyRIDryWteatIUCuwYDCgnRExYDYrmjzindVBRoV32oRmbLGPulKcIREIawcHrpGqGiDZYQV3v6vpPHTCv2OZZln23LwPNbaAc5qBtUebb-E81qKbsmyCLJpX4c32iZxo3B7oPVbvXlY57QFqIlwzIbDIG5WX27nGG-JJfE9z-DXwTkZUBJI8gQFb_xsZSAI2yzfPVyG4P9F-bTkXjFnqBNSTmjwOQ3Uasj1ax_4_400NI2tCwBr4bxLnblOG6TSihmdlsBt4nxViMMO_lsUKogeN3o3AYpx7SbCV74V-5RM8CZly1LJrKfK-CsCGV_0i9r5AM32K-4Z0V2uygoBHcpogqRRWOMGxQYSgG7qFazvllztaDOPuYf2doqvlOiSwYSb1ZHzvGgPmDp7sQWGPT53ZSKdu2XXSp_CF_oLYgDtx5bWcV0DEu6R7WbL7M8AQA4dVEiaOgldpfZ3Jp0qUYHrDdwROJKjUXZV18sTRnJv2SzFZQ_r7Qt6cam1TlT1SHHp2K9eEwmSZg16OmobQPaEpVzeWjr5yw-r-_jw4fqsCPyebK3FHPR5pKa7r-jXZa18yNjPpSf077_inwiHBZPszXdiE9LdTRsgyfGAQB1B2mwM3ZTsjc-XKfusqiMCLodjfm7BHHb9HMi3dirPNBUKJfwQiuVHokDZmBP6wIKSu4DraFHJPp9K_R25MGvMUGN1rsH52Fb774ju52pfj5TbPl-3z8smtiWUZQnxelHZO0JS08pfyDTDymi0kodOwB3t28kr0XYYJXumvJOA-5z2BvQjpU5NarJ02CM0dK_dPHbW11d_ty7JHPvf3pLlbC4t7TW7yixS7yk8Rmf1Tg_PIP6xxsigibp4qRIFwczLChPC0ysnTVr7QwGdJmJ21xZd1aRwszxDvNo8SjtmVI7g6Hp47rmO0hBXs5wXW5Bqj-r_hcxJmtQpZjZXZqQS0CQts1rY3ODNzYgnyxP6Vvmub_ZMxtJYr3PD8JjSpV-B1i_aYM348R2UAWcfofErbGUhzoTonGihVsUcwLh1qLxLTmUfUPLAigbw3LjGwrH1z6UEMCqdwQ1lIeneprr2CSkzEWvcC-AjUdcqVNsgRziKmzjhaocHNYVGYIP7rWVfILhgDoEFSMk2II-acuPqBotBGextgqZuqo03X6BiYpEhhlFQHbUTWe6baGKxJh05DBnj9XjW_0V1oaU7T-wy8HqCkUab8tkXga6yzYVz9QnFKqU8991txgpoXNO8M_y3RPK-k5dfnak-eehxEszRXDJ4qyfTeAemJc1oYYId4PWZMGr2-a88hjAwLs660l2Co1HHxkkf0v0BCVmGXULxsZJpNgIcyUYy2qqDmM18eucX7B48sxMcyyZdEGjr_o1RuBwrPv9f3ocDEor_jmFhNrL26Qhx7HQhCcn702BaoFd72q-HArB9HtgJ_zvyKE4Ax3-Y960WIbl09oVYxObgrdIs3smZMUPsoNCDP91lKJSVx_-nBpkC7aegC0DaT3E825v-24hpW2D22jyriCsnnJ47BcSAknENRkUqTiGTpq9KZ7kTBncuQvA&cid=CAASJeRoDQsXxoSRbB3A2ZntSaofhE4QRS_BR_MS7z9IGKydFlOgRjM&rfl=1%2Chttps%253A%252F%252Fwww.ndtv.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 May 2022 11:54:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 2603 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALp5NsS-kxNcavOL6Ln3FUI_ETE6A0mpiKmli21WmP49Q3SFdPKGVZHvoX7fElxBud5EeTLDVjRFJcuMHS_PZr02W28gS7TM5g8JR_otQ-FH1XHFArvb-BPqdGYL0sJEizr_UYttmMX8Pr2b3QaVCO-3Bf_w&dbm_d=AKAmf-DreTeWDJyID7lxelvQRAf_SKlGws5_-RiafXgAh_GIdV9WaKPnlW-TH_QsBz9OEW-nmGMz0ypC7Y5tXwciqIQgue2Wq4rD9WOrEaGgf9q966ITE8vRJUdBKoVbf4Btw9YKH9n-OG4EKVVYvjbGNXRIEfloyGKKTFEE-GQrWcUY_oH7pbdqA8HoUel3T3P-lVCqy4h-j-z5mb0gkveVIRuobHZq09KeV2XP4QVbQ5c66_ITRw80hrXwoqWMKdyRHYa2Dd9vj8PhqnQtdwQhvvXfb7i4YDmDC4sZZYN-q5cwUC1wyl6tBcGvfiAF4eLOeuRNV8igXBybmyvnUVfrIkXt69YsleDatrltpWhBh6tgCzrvim6ZQCpn1gthD8Y3H1_-qLQl8nAnmV5atoiw-LVcjV6oLkScVx8HOkSacdeOfRYNOJmRMX0BrdHufztAvj2tPRY8w36ax6r65p22zgFSrqG1lv4c-KtMC1NVVGR_CK9ZXjSVZPHqbdd_2FnWmG9UkFuDsdjqfXdRpgqCV6XfdaN4ly_u4bAPzZDqSHHIvIspLgAYHu9bRWEcM0PaoOYQ0cCWk3nGPrOQS4Klkko_FheCQbHpcfrp-UMz5ZpT-p-zsNHUuq8XKTLcIRDHvdUKYww-u-t6ynCkAJQaHOT-nM0ln9kOHkaxf-GnttrrsRPu3G2T-8xZaM33V182lep37uNkR67KxIdZPyN4hrP4COJq7WcKgeBmlATh4p4YjECR57Kdis6uZsAmNkID1rKiseYhHSx1S_2Fj7sHgoR5fL9RmT-kUEdsOBAsuwJ7Ff-12ckTwFOIoV_VRMqAdbPO2Y9QdMyUJoUiDEN4cxbFRDAiA7-sfI9zePxtI6RlSkAK-boW9WJ_dbQwE0yiB8cRvGlZZEdzjx8pD_FGRIv-u0iaTGpXgJbf8WJsgWU88CNtIKzsHZyZJja9IrAHNe6PVz2ZWl7PvdZ_RHxfZlR0werAqlL9GVaYMcDrbuMzPAUYMfnWvMARejo2W2_x0MJbon44RVslJrI9MAUl3MhZiPYljmFYNzmQzzeUaz8coECjy7DWU3EC91FdEjoBjHtFgUOaa-xArGQ4HHuZEeqyWdTlOw3Q5MaoMkOZsaGoKuj6l02yzwfQybgJFjDNjaLsSSZ4mYr0l_YLmCrxlj7A0texELIm27pWSlu28a74WfGRdwv17_BL6Ov3Z4ruT4rlbIWqDJv4uVzuC2FYYDUg7ZvPcDj9JXc5pfKxQYTLubHwilWYndqhAiKfErnAPkWh2P-DFUElD1j3lrEX0DE-wTT1JF36r5SgaKHstK8uiEUhy-Zn1JxFR-hiJ2zvfYOS9Vl-aO2-n-LJ8f47torBPEaQ5pGWukxDGbdn3ZUAT8rdnqScH4csR19DbqCQN9URG5xnHN5CmlS_QI45X3THjh0RQdK0UQ1N5A5ywDwKRk7bPcrKg9kOrNYchvKk4WVk_2qnB6JSeGWToz_QaEDUkAwWXibAj6EOHuJk8pYOv3EO87SxMflpBu76gKgDClsoP3UxI-L4GB8_qpAQEXAVKxF6oOIxCBLEm3GIzk4DwZ9VHsk3s4O_j3K11eUK60MFp9XewWXqW9dWmz-u4oZs-RrrWVYJ9--yBYZ_FNwe55zTGOOsDFY1k7Oi2CL0U4DvNGhNQIm3kngaJg9eTk33ZMMqKx5kA_N34UYqV1Lyn7g-yhf8cm0CD3rldoozeJXnQKs116bC5pxIj1VL_Z1keQdUslf97tpFzdmI2lXuqaaBrQlyGIywVVq5waQYnEXgiX1eJ3U6qyYpFt1WD-Sje2WNR3xtuLBAO3wXzbhwY2e57KljsFD47rRRq-U-6dFBAlgVDmZLTOSNj5a5ZRn_CbCHrAl_7GZq7nlhag4AoYw4g3aHqHgmQmH-orMYy5CKnb5iyrADw7RFbuwKT-e2W70BC_mpmNitTsVxkBBBhsqthUn4xaXOAipbyRIDryWteatIUCuwYDCgnRExYDYrmjzindVBRoV32oRmbLGPulKcIREIawcHrpGqGiDZYQV3v6vpPHTCv2OZZln23LwPNbaAc5qBtUebb-E81qKbsmyCLJpX4c32iZxo3B7oPVbvXlY57QFqIlwzIbDIG5WX27nGG-JJfE9z-DXwTkZUBJI8gQFb_xsZSAI2yzfPVyG4P9F-bTkXjFnqBNSTmjwOQ3Uasj1ax_4_400NI2tCwBr4bxLnblOG6TSihmdlsBt4nxViMMO_lsUKogeN3o3AYpx7SbCV74V-5RM8CZly1LJrKfK-CsCGV_0i9r5AM32K-4Z0V2uygoBHcpogqRRWOMGxQYSgG7qFazvllztaDOPuYf2doqvlOiSwYSb1ZHzvGgPmDp7sQWGPT53ZSKdu2XXSp_CF_oLYgDtx5bWcV0DEu6R7WbL7M8AQA4dVEiaOgldpfZ3Jp0qUYHrDdwROJKjUXZV18sTRnJv2SzFZQ_r7Qt6cam1TlT1SHHp2K9eEwmSZg16OmobQPaEpVzeWjr5yw-r-_jw4fqsCPyebK3FHPR5pKa7r-jXZa18yNjPpSf077_inwiHBZPszXdiE9LdTRsgyfGAQB1B2mwM3ZTsjc-XKfusqiMCLodjfm7BHHb9HMi3dirPNBUKJfwQiuVHokDZmBP6wIKSu4DraFHJPp9K_R25MGvMUGN1rsH52Fb774ju52pfj5TbPl-3z8smtiWUZQnxelHZO0JS08pfyDTDymi0kodOwB3t28kr0XYYJXumvJOA-5z2BvQjpU5NarJ02CM0dK_dPHbW11d_ty7JHPvf3pLlbC4t7TW7yixS7yk8Rmf1Tg_PIP6xxsigibp4qRIFwczLChPC0ysnTVr7QwGdJmJ21xZd1aRwszxDvNo8SjtmVI7g6Hp47rmO0hBXs5wXW5Bqj-r_hcxJmtQpZjZXZqQS0CQts1rY3ODNzYgnyxP6Vvmub_ZMxtJYr3PD8JjSpV-B1i_aYM348R2UAWcfofErbGUhzoTonGihVsUcwLh1qLxLTmUfUPLAigbw3LjGwrH1z6UEMCqdwQ1lIeneprr2CSkzEWvcC-AjUdcqVNsgRziKmzjhaocHNYVGYIP7rWVfILhgDoEFSMk2II-acuPqBotBGextgqZuqo03X6BiYpEhhlFQHbUTWe6baGKxJh05DBnj9XjW_0V1oaU7T-wy8HqCkUab8tkXga6yzYVz9QnFKqU8991txgpoXNO8M_y3RPK-k5dfnak-eehxEszRXDJ4qyfTeAemJc1oYYId4PWZMGr2-a88hjAwLs660l2Co1HHxkkf0v0BCVmGXULxsZJpNgIcyUYy2qqDmM18eucX7B48sxMcyyZdEGjr_o1RuBwrPv9f3ocDEor_jmFhNrL26Qhx7HQhCcn702BaoFd72q-HArB9HtgJ_zvyKE4Ax3-Y960WIbl09oVYxObgrdIs3smZMUPsoNCDP91lKJSVx_-nBpkC7aegC0DaT3E825v-24hpW2D22jyriCsnnJ47BcSAknENRkUqTiGTpq9KZ7kTBncuQvA&cid=CAASJeRoDQsXxoSRbB3A2ZntSaofhE4QRS_BR_MS7z9IGKydFlOgRjM&rfl=1%2Chttps%253A%252F%252Fwww.ndtv.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 May 2022 11:56:39 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7E90 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6U76VlJdYuSfM4fT3gPzxbXwAfLZvoRopefct5sPsJAfEAEgptz-dmCV4pCCoAegAayyj6AByAEF4AIAqAMBmAQAqgSeA0_Qukbyglg___ZQg8xP3XWWYYRy4na3gRWNq1lOdxbegbga8DMSlUo0kW20ega4oHmeitq6Rli50sGLg0qMGJOnzwDtUou7EgaNgpO5v_qD0EfZGRe9pV4bLJdR6jd1Dd7O0MOQk4aJj6J2aG0uY_Rg2NusEa6sJLU2Ms_lL3iZA8ohB329bwtce84pl5c8Ih__tbRbI_Q3r5jOvCD3FV11DWx6oQ3UMRz0oJB-MflaO90FGIiNhdoE-7ZmTTxGtCEkXoXa_eop5RTMOzeG6xvXVl5PQNf-fUlKrHdF2zpNxU61xa2-ekinC9V4E_orsbbm8yBrJOsN1Uo1vDhF1phUJ7hCKsG-Ylb5TICR5GLi0J5UTOp_M8hjwFcOF4AttZYDWPFBj5eaAP5JHoZYLrw-2LLMJwR-ZT773D_-Ax2Z53tKXpaJn5zyQdCLOgRDgFMP8x2Vils16W4HQEwWSMxVyAru-PQX3owBoKm-ThlJLmFE3QTY5LMbH_HJkFVzNpwIggFp97SBtYiFKy-qv3MQlz2M9a0yE1HrblO7oMAE0_vclfkD4AQBiAXEhMTOO6AGVIAHvM3w3wKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE0MDU3Nzc3MTE1NjI0N4AKA8gLAbAT-Z74DtgTDdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=VZacPlLVgUI&cmd=Ch1jYS12aWRlby1wdWItMjU2MTQ3MDIwNTI4OTkwMRAAGAI&label=video_skip_shown&ad_mt=5230&acvw=sv%3D924%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D2615,425,2975,1065%26p0%3D2615,425,2975,1065%26p1%3D2615,425,2975,1065%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5282%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1220%26pst%3D415%26dur%3D15000%26vmtime%3D5230%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D401%26femvt%3D0%26emc%3D56%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D774731410%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D7102%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1650283095140&sdkv=h.3.510.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMjc2MDY5Njc0MTIMNTc2NzIyMTY0NjkzQJwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25IvQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2603 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 14:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 14:24:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0720 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 19 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2603 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9627d8bd0830622fa2a697d046020ce70ac3784496b0581387085ef35213d953

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 551C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
336859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 14:24:01 GMT
expires
Fri, 14 Apr 2023 14:24:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMjD6dKSclHxwyxwtaUtSTU&google_cver=1&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-i9iXVJcSgCwHJLrekbQUg&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA6s95VGzX...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-i9iXVJcSgCwHJLrekbQUg&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA6s95VGzXysDA
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 18 Apr 2022 11:58:20 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-i9iXVJcSgCwHJLrekbQUg&google_push=AYg5qPLkjkheSvTZ4Flo2kW3ALWpcc0OHP6K3o8nrPgZM2brpzDJ7LL3HEjrMwC9tXQ-slkGFbtd1W94fiKiPhfA6s95VGzXysDA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Apr 2022 11:58:19 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0720 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDpkv1JXeG-GmJWHkCuyEMA&google_cver=1&google_push=AYg5qPISlXpEf-VcFbJvx91e3QTVy8vxxHwOFIL3YUefLTcbx5oJB1riIlkZp6FO5Y7f5TFK4FoZ8NSWAdcNQlMnFnBJsoMxRhGP
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEVFJDgA-vviITTPUPc2L-M&google_cver=1&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7kRkJE&google_hm=NDQxODA0NTQzMzcxNzA5MD...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7kRkJE&google_hm=NDQxODA0NTQzMzcxNzA5MDMwNQ%3D%3D
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Apr 2022 11:58:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKMSsFFo5PTnPWfbhe7eCwj-udMAW1089NYVGthUQPU44siX1woIzREhn20KoRGUb73SA0edhiQscoTp8oW6vtWKK7kRkJE&google_hm=NDQxODA0NTQzMzcxNzA5MDMwNQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMBfhVQ7t9tuwCTCSbVwzsY&google_cver=1&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxtnC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg2OTI0NDYyNzEzMTYxMzA1Ng&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxt...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg2OTI0NDYyNzEzMTYxMzA1Ng&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxtnCUBTQbbE6p1tcwvvwhwMA
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg2OTI0NDYyNzEzMTYxMzA1Ng&google_push=AYg5qPJNZuYE6S83LEFKRAM56aW3GXT3KKPVMD-wPP7HxeVTa7p5up_pUFhy2sN32eYlEi4AqWlKxtnCUBTQbbE6p1tcwvvwhwMA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLXtAWSXZ5tYEF7zl3Hmi_rQrg4-A6TetMTJL7WKbvS8KL-jMiE734-_PaAeLNNiofXbbcMHwsEEc07X1SzvibfpiZYYlUadg
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sKT4T6EXT2KLv5JMCv6rpA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLXtAWSXZ5tYEF7zl3Hmi_rQrg4-A6TetMTJL7WKbvS8KL-jMiE734-_PaAeLNNiofXbbcMHwsEEc07X1SzvibfpiZYYlUadg
date
Mon, 18 Apr 2022 11:58:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELCTa3wb0f9ATUg8iglgYl4&google_cver=1&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUY...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUYRrxTuTQS0CZA_w
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUYRrxTuTQS0CZA_w
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Apr 2022 11:58:20 GMT
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P4
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLLFcBOT4Ap5MRWkVM1ebiO48dIwMP1ya-slhvFuR18QTUrt6HxOqnyCmvbmB80sGGSV4ATaRRRv6ZtzRUYRrxTuTQS0CZA_w
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
RfMZnZUscKUK6q_VLKJ4BKr2Ry72qEwG6yDpVJ2x7kvA25M6p9Qnew==
/
onetag-sys.com/sync/i,19/ Frame 0720
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELa2ATUSwPgXS00vnTgV7JY&google_cver=1&google_push=AYg5qPJfbGgcI8v-wKyVbeHfrKA2aYQ2zHRJoQGlv9ogbBh1TZv-Yp9SU0GnWN83SDsVgRNuhIozntWvpLy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJfbGgcI8v-wKyVbeHfrKA2aYQ2zHRJoQGlv9ogbBh1TZv-Yp9SU0GnWN83SDsVgRNuhIozntWvpLykdqpI8yKBEOzfs0QHmWo
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0720 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkodKmA8ek88yKkL-zYvmCUeDO1Q4DahwjiinhZ6MhdKkF24FHFn1OBykeXqooW07BblJpgA
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/4976537142131971990/ Frame C864 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
673db7640b3d1676c2f5470ef1ed79e2fd86cdc14536650634d193b760acdbc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1868
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:58:20 GMT
expires
Tue, 18 Apr 2023 11:58:20 GMT
last-modified
Tue, 15 Feb 2022 16:18:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2603 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSmgFuQ65f7NAZ0rndhWSKGKc51Zs6zSV0MHchbCCgjVk4fLMEtFlKgVWwzg_3jTop9hUlbryo6MUmcNnje1QH_2wxFJnQ4f8c0UfnnXmA_AkBumRxjXchNVJ-3M7GGsR8h7ORF_mhDoDzq6duBYmXifgT31MbzObTLv0uGcNj7He6K1VMvNoT0Y1pd534Vh6FPzrYpfimckVMPV-6k3zzAWMTrRAEf0vS-YOQ2gDpX_CR5Z5VDGC0h7Ri4j7akvyFjlhegjCOW70K4f0-oOVTYC2vsokEsSRM-fZOGyoK4qwPurUAAJQF-hDNX9RhvZtUDn6V2mzRxuvyTgFj4Z5PMAkdCd6HBtrWyWxZA74KaVo30TPKCA7aFppzvP2Tc-Vo3HO-_iOOWnU8IRgjlSfxBgzExHkzu0doUOQshtHVxzuFGVfzRZiIfNOOpHrjlY-CFxi348IBA9T-M5yiApfTTkaLc6RNYpOkVTuqbv_2u7FF1ThXbjTvafYItZaXBJ7d3rfMkp8Rxor1tI2x7YcgOo_r0gIahpUkXLVQulFnWOMp-DLxeYseShsywXkten84ODkLk9c8BDuI0_Ac2vk_fn222ZY0gjwGEsJt2LdidhkXFAHrbFm4e713jirH3euiKjI_FrfGK1AT8Vv8uCYQ7-9gC6cOIrggGBf7nqqXZsKm3EGM_ICObOXCE11OBgJdbl8qBaE8r9-6FjLMhbTolAPd5MC8B4rmmqW7gnrIQILUOVDmi7sm6mO_xBG03KAkpL6TPAq0ASmMsuEpLe67kp3Kncg0IYv4VpIon5soclITZCrLnq7Ve70vJrzryLE1K6Ruk-Zt16qIz-rp1JYaSAcwkyhucGJY8yjtNj192eziLQvFwyT805oHB2HEJdVM7QSOiXcRbecZtvaap3l8VCBGVjOoCHQytIDeMDSAfc2yo-iqd7h29ThpxLq_VY_--Y9ImNX45ZxSETafwPy5nESF26HFBBXD6Fwb_L0_RW_JiTb-Mm1Lx2gK1OgwofNe693MfZdVJCw0Iec5HLRdzZZuBI5e8_xWNSOaLNQ8L3GBPuRIJTslLuioX-4x5dgupSM_Zp9iM3pMAgrSScc747rQQ-v1wecwHT0dTKoVguq3sQ039nUWvjshL3QSLzX_qjApNRYAyDbrkXvZzG4tA5bxOcMvZebGU2yL-0dIgz1JW83HwPKpv63XxNpRe552kPLHSQBXn3A3w1141UY5EYL0BODk7VmsG9b3KzZ4TdL0m_yU7-5qu5zijjXcTXXjnPRGCt_stqUKzLzdWxno0EsADSAGfGclh9FYZN0JGBIsFv2FpDPNsQjY9rTu_hnZAYo&sai=AMfl-YSGZGVQ4qs34q7uB65xi3x4xBnOaNU0LWLEQgrNyPmPcIF4zDeRqVHL6x-G9aXP6_zHm8IOZdDHpWmYbgG-ZhuaundlNurG0xKiCg_T5uemXA-JgSvsPoqU9h3U3lo8wopxzA6Cy1FxArltCL53TzifWHNrMltsd5iwieEQDJDAiJvwyE399ZdEW5hhpZ7MBLEgKZ5h1xa9adTPmh-ZznSv&sig=Cg0ArKJSzM-MwxBN8yUiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=170&cisv=r20220413.12554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 18 Apr 2022 11:58:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 551C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 21:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 21:02:46 GMT
1643485919913.css
s0.2mdn.net/sadbundle/4976537142131971990/ Frame C864 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01b991a1d46b5935a7894e4e482bcf44d3669e9f692cea5df054180efdf0bd97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 05:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2059
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 05:07:43 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame C864 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 20:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Apr 2022 20:04:01 GMT
1643485919913.js
s0.2mdn.net/sadbundle/4976537142131971990/ Frame C864 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 05:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
370238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11114
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Apr 2023 05:07:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 551C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLmr-XFJdYpG6Jtjc7_UPi6CC4AMAAAAAOAHgBAI&bg=!AQKlAkbNAAZvJBiFTyQ7ACkAdvg8WnZE6RdVdQ3RKGviaxBkehM_EpVZnL-QVtUPptm9swdFCve5dAIAAABVUgAAAAJoAQeZAt4oaTr1TzhXOD5SKjp_oxmfTWyYkUHGL3mfOX1mjPV7aGK0srdz5KQ2Ch6b-VY4yyD-UXOm_Tra_Gr1n7YmRAqnW9sTt1x1mpj--gLbnfZll0FuTif0JAVPqDK2dPeSzWnWpJ6jJqSvY9T-IMynzdYsY--MyELq42qbKaEnD6XjFM1Zz0P5r_DZ8w1ISKwuXEkdRMX8fozB0w7tv-YYMWoLghYtWedE8n1ND28bhSblFJs-MC_sOBpqEpaUnQpygUtjk8cbBi72fZ_H6gf2jExC5xhA1Jz9hFuwBO1jkSIKXnc7GBF-FCFf3ZXNfk0oRDRDRLDIkYV6eDvN2407Id493Xcv6k7wWCNowcRQZ-YNMu1lg3Yg8hOtf-Epttjno7Bv02rLBggcosZKkJ9whaJMk6B9hZ-iPtED2BVYn7Kn2pq2Wmrs7G8fT02w9AT8_xCMDitMoHsK_EDH2eKZUfnkInn4Ycu77lM-ZoRSItoBdRiyvuo3Jks0Oh1paod7Dd3CeU1x12DUvdHrpBII3Hq1--ZkPSiDjNe_F7GOOHgUL5JcrzmWPdFmmGMlhd-Q17jiyIwhcak7NxaHUr3gEgBsyL25sDO-DoacQ3KqPd5qh4kT_OxghWx0YRIf2DFEtUw4Tk1M14pn8GYtpRdKJ9p_wllSq1AVK7y3mZGoCYFSuvjZxI_VkcUEtBl6mNOOxACgMT9el8hwlbaQbg4tmhBFcjE7aRM58anU0jY-dSgZxlZY9C9gczz4l_OrZpW9f1NnQNiAcC6RBhG2hicf-pM_In2CKkDwrv-cllNcYWnjDwp7IXkAZ7UJ0phO_5TW-STxTQz76G1PHUk7cD_z3JUxSVmThAEVqIZC8xEqQSXceSNpDQSuv7vGHZ-luIOb1eizj0Y8L7bxD1mfLE9IfsjkEZ4RUphunmUDQGoxNgTaiCBSSUeEhqsXwWJM-7vtR9LaUeWyvw5VpDlrhlyOmA
Requested by
Host: 2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
URL: https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:58:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
s0.2mdn.net/sadbundle/4976537142131971990/ Frame C864 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4976537142131971990/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 16:37:57 GMT
x-content-type-options
nosniff
age
501624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1954
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 16:18:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 16:37:57 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame C864 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 09:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 09:37:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C864 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fcc5b784108ec6038558e602667a50f6d90849017fb71bfe9f64fbd93f74b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C864 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 11:58:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2603 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSmgFuQ65f7NAZ0rndhWSKGKc51Zs6zSV0MHchbCCgjVk4fLMEtFlKgVWwzg_3jTop9hUlbryo6MUmcNnje1QH_2wxFJnQ4f8c0UfnnXmA_AkBumRxjXchNVJ-3M7GGsR8h7ORF_mhDoDzq6duBYmXifgT31MbzObTLv0uGcNj7He6K1VMvNoT0Y1pd534Vh6FPzrYpfimckVMPV-6k3zzAWMTrRAEf0vS-YOQ2gDpX_CR5Z5VDGC0h7Ri4j7akvyFjlhegjCOW70K4f0-oOVTYC2vsokEsSRM-fZOGyoK4qwPurUAAJQF-hDNX9RhvZtUDn6V2mzRxuvyTgFj4Z5PMAkdCd6HBtrWyWxZA74KaVo30TPKCA7aFppzvP2Tc-Vo3HO-_iOOWnU8IRgjlSfxBgzExHkzu0doUOQshtHVxzuFGVfzRZiIfNOOpHrjlY-CFxi348IBA9T-M5yiApfTTkaLc6RNYpOkVTuqbv_2u7FF1ThXbjTvafYItZaXBJ7d3rfMkp8Rxor1tI2x7YcgOo_r0gIahpUkXLVQulFnWOMp-DLxeYseShsywXkten84ODkLk9c8BDuI0_Ac2vk_fn222ZY0gjwGEsJt2LdidhkXFAHrbFm4e713jirH3euiKjI_FrfGK1AT8Vv8uCYQ7-9gC6cOIrggGBf7nqqXZsKm3EGM_ICObOXCE11OBgJdbl8qBaE8r9-6FjLMhbTolAPd5MC8B4rmmqW7gnrIQILUOVDmi7sm6mO_xBG03KAkpL6TPAq0ASmMsuEpLe67kp3Kncg0IYv4VpIon5soclITZCrLnq7Ve70vJrzryLE1K6Ruk-Zt16qIz-rp1JYaSAcwkyhucGJY8yjtNj192eziLQvFwyT805oHB2HEJdVM7QSOiXcRbecZtvaap3l8VCBGVjOoCHQytIDeMDSAfc2yo-iqd7h29ThpxLq_VY_--Y9ImNX45ZxSETafwPy5nESF26HFBBXD6Fwb_L0_RW_JiTb-Mm1Lx2gK1OgwofNe693MfZdVJCw0Iec5HLRdzZZuBI5e8_xWNSOaLNQ8L3GBPuRIJTslLuioX-4x5dgupSM_Zp9iM3pMAgrSScc747rQQ-v1wecwHT0dTKoVguq3sQ039nUWvjshL3QSLzX_qjApNRYAyDbrkXvZzG4tA5bxOcMvZebGU2yL-0dIgz1JW83HwPKpv63XxNpRe552kPLHSQBXn3A3w1141UY5EYL0BODk7VmsG9b3KzZ4TdL0m_yU7-5qu5zijjXcTXXjnPRGCt_stqUKzLzdWxno0EsADSAGfGclh9FYZN0JGBIsFv2FpDPNsQjY9rTu_hnZAYo&sai=AMfl-YSGZGVQ4qs34q7uB65xi3x4xBnOaNU0LWLEQgrNyPmPcIF4zDeRqVHL6x-G9aXP6_zHm8IOZdDHpWmYbgG-ZhuaundlNurG0xKiCg_T5uemXA-JgSvsPoqU9h3U3lo8wopxzA6Cy1FxArltCL53TzifWHNrMltsd5iwieEQDJDAiJvwyE399ZdEW5hhpZ7MBLEgKZ5h1xa9adTPmh-ZznSv&sig=Cg0ArKJSzM-MwxBN8yUiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=517&vt=11&dtpt=342&dett=3&cstd=170&cisv=r20220413.12554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: t.co
URL: https://t.co/EPE1QIG4we
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:58:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame C864 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:56:14 GMT
x-content-type-options
nosniff
age
127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Apr 2022 12:11:14 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame C864 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:55:06 GMT
x-content-type-options
nosniff
age
195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Apr 2022 12:10:06 GMT
lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
s0.2mdn.net/4528404/ Frame C864 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 09:30:10 GMT
x-content-type-options
nosniff
age
8891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94148
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Apr 2022 09:30:10 GMT
mquadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png
s0.2mdn.net/4528404/ Frame C864 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mquadratisch_congstar-x_ohne-x-2a40b6d1b-f64b-4fb4-9687-a98690d67cd7.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc26ef4cff67814f7f10bc2cbf41bdba6a542f42db8880c9aee87ecc99593067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 09:24:40 GMT
x-content-type-options
nosniff
age
9221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29113
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 15:46:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Apr 2022 09:24:40 GMT
lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
s0.2mdn.net/4528404/ Frame C864 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4976537142131971990/1643485919913.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4976537142131971990/index.html?e=69&leftOffset=0&topOffset=0&c=t13bGR0GOv&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 09:30:10 GMT
x-content-type-options
nosniff
age
8891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94148
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Apr 2022 09:30:10 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 0396 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 21:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
53735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 21:02:46 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 217B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158451&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _rrCode function| setCookie function| getCookie object| PWT object| googletag boolean| gptRan function| loadGpt function| initAdserver object| apstag string| utm_campaign object| adpushup string| isTaboolaBlocked object| disableTaboolaCountries string| __usrCntry object| dataLayer boolean| canRunAds string| __pushSite string| base_url string| ndtv_thumb_src string| ndtv_story_src string| ndtv_story_medium_src number| N string| GoogleAnalyticsObject function| ga object| _comscore string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| shareOpenHead object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| shareOpen function| snapChatShare object| _taboola function| udm_ object| ns_p object| COMSCORE object| __twttrll object| twttr object| __twttr boolean| apstagLOADED object| BOOMR_mq object| google_conversion_id object| google_custom_params object| google_remarketing_only function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| __pagedesign function| deleteCookie function| redirect function| setCookieN function| getCookieN function| $ function| jQuery function| flashembed object| stk function| StartHeader function| updateLog function| windowScroll function| updateDivSticky number| offset number| offset_opacity number| scroll_top_duration object| $back_to_top function| _rrCodeRun function| loadJSFile function| loadCSSFile function| redir_to_categ function| redir_to_election_state function| redir_to_election_constituencies function| redir_to_election_candidates function| onVideoEnd function| showPhase function| gup function| copypasteinit function| play_video function| show_comment function| hide_show function| story_pic_block_hide_show function| change_element_class function| locate_tab undefined| IMAGE_URL function| set_image_url function| tw_click function| JS_Mobile_Redirect function| swap_tabs function| hide_show_submenu function| vidshowhide_innerpagediv function| toggle_player function| displayCompanionBanners function| writeIntoCompanionDiv number| featuredCurrentId function| FeaturedNextPrev undefined| timeOut function| autoplay_ticker function| getFlashVersion function| hide_show_player_div function| ios_device_detection function| ShowNavigationLevel2 function| HideNavigationLevel2 function| trim function| textCounter function| email_article_validation function| multiEmailValidation function| validateEmail function| validateName function| clean_search_text_box function| highlightSearch function| submit_search_form function| submit_topic_form function| get_site_url function| remove_player function| video_do_not_miss_widget function| display_image_box function| hide_show_three function| change_element_class_three function| apps_swap_tabs function| apps_hide_show_submenu function| iphone_device_detection function| getval function| geVersion string| token function| checkPerms function| requestPermissions function| isFlashEnabled function| checkHTML5Video function| insertCustomSymbols function| lozad number| _rrCodeSt object| _rrCodeLoad function| findAndReplaceDOMText function| Swiper function| ajax_get function| gtmClickEventTracking function| setImmediate function| clearImmediate object| _gat object| _gaq object| google_tag_manager function| tvc_AdBlockEnabled function| tvc_getRatio function| tvc_datLayer_push object| tvc_social_link undefined| tvc_eventAction object| ggeac object| google_js_reporting_queue string| currentState object| google_optimize function| gtag object| msgData number| BOOMR_configt object| apPnpRefresh object| apEuCountries object| _bmrEvents object| _qevents undefined| google_measure_js_timing object| slot_1 object| slot_2 object| slot_3 object| slot_6 object| slot_4 object| slot_7 function| quantserve function| __qc object| ezt object| _qoptions function| qtrack number| BOOMR_onload undefined| tvc_height undefined| tvc_width boolean| initAdserverFlag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests object| aniplayerPos function| avPlayer object| storageAni number| google_global_correlator object| closure_lm_190687 object| _apPbJs function| _apPbJsChunk object| hbAnalytics object| adpTags object| mnet object| Criteo

42 Cookies

Domain/Path Name / Value
www.ndtv.com/world-news Name: __usrCntry
Value: DE
.t.co/ Name: muc
Value: 96ba470a-54b0-433b-b6d2-1d484075415b
.ndtv.com/ Name: _gid
Value: GA1.2.734030611.1650283089
.ndtv.com/ Name: _gat_site
Value: 1
.ndtv.com/ Name: _gat_story
Value: 1
.ndtv.com/ Name: _gat_ndtvnewssite
Value: 1
.scorecardresearch.com/ Name: UID
Value: 15Baa5488c673f73b368ff01650283089
www.ndtv.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ndtv.com/ Name: _pubcid
Value: 3c50ec84-8acd-49b4-bad3-d626040d9983
.ndtv.com/ Name: tvc_universalCookie
Value: GA1.2.817571239.1650283089
.ndtv.com/ Name: tvc_universalCookie_gid
Value: GA1.2.1681793841.1650283090
.ndtv.com/ Name: _dc_gtm_UA-97665797-1
Value: 1
.ndtv.com/ Name: _ga_3X0HPFNQW2
Value: GS1.1.1650283089.1.0.1650283089.0
.ndtv.com/ Name: _ga
Value: GA1.1.817571239.1650283089
.quantserve.com/ Name: mc
Value: 625d5252-19a54-12fc9-4c731
.ndtv.com/ Name: __qca
Value: P0-1987710438-1650283090083
.ndtv.com/ Name: tvc_adBlocker_check
Value: 1
.www.ndtv.com/ Name: RT
Value: "sl=1&ss=1650283088854&tt=1310&obo=0&bcn=%2F%2F02179916.akstat.io%2F&sh=1650283090180%3D1%3A0%3A1310&dm=www.ndtv.com&si=06448aa1-7b09-4c55-bd09-44798ab02866&ld=1650283090180"
.adnxs.com/ Name: uuid2
Value: 8609762859183615369
.casalemedia.com/ Name: CMID
Value: Yl1SU2bP0H8x5hwEskKzKAAA
.casalemedia.com/ Name: CMPS
Value: 3271
.casalemedia.com/ Name: CMPRO
Value: 1162
.casalemedia.com/ Name: CMST
Value: Yl1SU2JdUlMA
.ctnsnet.com/ Name: cid_a8f9be90d8ac495d8dc6ccb57a7dd058
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBFNSXWICEP-iScE6huvPjpzpTXGpEdQFEgEBAQGjXmJnYgAAAAAA_eMAAA&S=AQAAAqWWygzXCOCV51jDXTcEg7Y
.casalemedia.com/ Name: CMRUM3
Value: e6625d52532760&6d625d52532760a8f9be90d8ac495d8dc6ccb57a7dd058&49625d525305a0&33625d525305a0&27625d52530b40&2d625d52532760CAESEAadR-LpCPO7jJ14yG7Udqk&da625d52532760&f1625d525305a0
.adsrvr.org/ Name: TDID
Value: d087d92f-ab61-4541-8997-7fa4bf9836c4
www.ndtv.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22d087d92f-ab61-4541-8997-7fa4bf9836c4%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-18T11%3A58%3A11%22%7D
www.ndtv.com/ Name: id5id
Value: %7B%22created_at%22%3A%222022-04-18T11%3A58%3A11.502684Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.ndtv.com/ Name: panoramaId_expiry
Value: 1650369491553
.doubleclick.net/ Name: IDE
Value: AHWqTUkj5G5VI7w5b7wSDZfw0TcIf82B7rT3iHaCuujNgIm3_fdprVhe8zZKR4bnQfU
.ndtv.com/ Name: __gads
Value: ID=d317da4ffd7b4706:T=1650283090:S=ALNI_MaFSNtPOZNsvEH4Z3AXzoSw_HcKPg
go1.aniview.com/ Name: aniC
Value: 1650283093008-912834300205-005476-003-004954
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rubiconproject.com/ Name: khaos
Value: L24NY38K-J-1S4X
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0mQFS/R1dkfT5APvdogVCbaTd6KyMQnau0RTcz8e+19S8VYA0yHasqwgUMtrcZPrRymPvo8pleP+oyBNGqA3hLf3XlCsoNzYA=
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw2aT1kgY4AUABSAEKGAig1ncQChgCIAIoAjDWpPWSBjgCQAJIAhDZpPWSBhgC
e.serverbid.com/ Name: azk
Value: ue1-sb1-164243f2-5a72-453d-b715-436c4134478a
prebid.a-mo.net/ Name: __amc
Value: 1_1650283097_1650283097
.technoratimedia.com/ Name: tads_uid
Value: GDPR

13 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.ndtv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.ndtv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.ndtv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ndtv.com/world-news/western-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472
Message:
Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.ndtv.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.ndtv.com%2Fworld-news%2Fwestern-hackers-used-russias-own-ransomware-against-it-in-cyberattack-on-roscosmos-report-2885472&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://adpush.technoratimedia.com/openrtb/bids/adpush?src=prebid_prebid_4.43.0
Message:
Failed to load resource: the server responded with a status of 455 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179916.akstat.io
2a3ef4f730bf0b6a9d801ddfc14ad9ab.safeframe.googlesyndication.com
a.teads.tv
abs-0.twimg.com
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
adpush.technoratimedia.com
adpushup-d.openx.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alerts.ndtv.com
ap.lijit.com
api.fouanalytics.com
aplogger.adpushup.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.go-mpulse.net
c.ndtvimg.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.ndtv.com
cdn.syndication.twimg.com
cm.ctnsnet.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.serverbid.com
e3.adpushup.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
i.ndtvimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
ndtv-d.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubads.g.doubleclick.net
rr5---sn-5hne6nsz.googlevideo.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
t.co
t.pubmatic.com
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
wapi.ndtv.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ndtv.com
x.bidswitch.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
simage4.pubmatic.com
104.244.42.197
104.244.42.8
104.244.43.131
104.36.113.107
104.36.113.24
104.92.100.195
108.138.3.177
13.32.99.90
141.148.45.191
142.250.184.194
142.250.185.66
142.250.186.98
147.75.38.124
151.101.65.108
169.50.137.182
172.217.16.6
178.128.135.80
178.250.2.131
178.250.2.146
178.250.2.151
18.193.173.189
185.255.84.151
185.64.189.110
185.64.189.112
185.86.138.121
198.47.127.19
2.20.157.2
2.20.157.55
2001:4de0:ac18::1:a:2b
209.54.177.54
213.155.156.184
213.19.147.45
216.200.232.249
23.205.235.133
23.35.229.56
23.97.225.52
2600:9000:2118:9000:6:44e3:f8c0:93a1
2600:9000:225e:9400:1b:5138:8a40:93a1
2602:803:c004:200::141
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::6816:37ce
2606:4700:3036::ac43:c834
2606:4700:4400::ac40:99f7
2606:4700::6810:5514
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4007:80d::2003
2a00:1450:400c:c07::65
2a00:1450:400c:c0b::9c
2a00:1450:400e:4f::a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:292::24e8
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00:2bd::24e8
2a02:26f0:b600:188::2c79
2a02:26f0:b600:19b::2c79
2a02:26f0:f7:181::11a6
2a02:26f0:f7:1a0::24e8
2a04:4e42:200::300
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b
3.126.56.137
3.232.80.154
3.70.4.136
34.107.148.139
34.249.222.239
35.186.193.173
35.244.159.8
35.71.131.137
37.157.2.237
37.252.173.62
44.194.158.136
51.124.210.81
51.79.83.225
51.89.21.21
51.89.9.253
52.202.68.121
52.28.203.152
52.59.116.64
54.194.75.122
66.155.71.25
69.173.144.138
72.251.249.13
8.28.7.92
01b991a1d46b5935a7894e4e482bcf44d3669e9f692cea5df054180efdf0bd97
04e835d76058e5b931b8308d423c80a750ee724f589d5278f54b436409e0ba11
04ff2a6b06f36828fc6c2d11e21ab67642b7050175aee2843e18d7e57f06f63f
051507d470eac61f4669c700ad51820ac92ca9916b62b6e9fe7f8be1e05bf57a
0545b9603060652c66a0d9d1a71b22696acbcd5cd8a6eca8a5516954852daa7b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074dcc2dd0041092ca75998f293bc08dee81495a8f1993d9913320cdb3fc1e88
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
0aedb0c8a9626fa18c33e6aa09e079bade4ace2c74cacdcdd082c0fdf5a8f91a
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e38eebd42f41bf6350599b6de84a0a2197dda812e897beadbdf83c68f86a6d8
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fe5581c98d1923ae1c3560ef1010cc5db5451125ebf142726413f7a87f31db0
0ff597f382b4119059eb7eb0c78fe221b8552a3879b93f9bc3d8870d4c97a586
116c0b5c8ade4ffcd501da8e384e51dff997e2d51c39bbb32271e5bf3d5a56cf
1225499c83b1fecef024adbb27460d262a734ec785d76e718d17787281d31fff
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a4e29c96a1fdfda599991ceae53622141a8bb977b65998435cb017faaa6266
1525fb676c2c4a51d19bb5acb09495d6579952f54477606a8266dfe0bc1f56d2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1aedb2711988ec4a9ffab92ebce0eab74563bdf8029e8cbfa3bb254a54fccc21
1b6690b0cf860c3a3de832c719df675a6c2afe6f9a2df0bf9d2dd9ab5133c0e0
1c87df69409c1157dfd6eb38773268bfb11fa55daee7ff2fcb59088e9a72004d
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2157c8a2ea78c709c1f24e54ae5531e2aba63765a985c246e88968714a848a34
25337532fdfe471ab004131890a0d63054cce7a9ef0fc377a96ebc0e166321e9
2648c1ae9e555963ba16fce4575a0cf9e90bb994a6dc14c19a06171545ca3971
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
2882ab610284e948dbb350e842bf7ce81a5d4e0f9e8c791d3a1d776b5f00b10e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a731903d6c5681c15fb95da42d7676b7b0a77a14c4553edb7b03d490e153b7b
2a7e90a4b19d2e01f93f2fa38376ae2edb5494934a2ead9ac38fad062fd29db8
2adbc1284ca9d9112ba040558cdf529cceaa530271e38f253fc9e7bdf51c4242
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2c58f47c6ac971d12240bc24f7ffb05a35d4dc1ecf9a65027cda880c5a68da8f
2d102f5e74151c680fe8f549ea495cd4675cb12466f911fbc5cf14d5a24655b7
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f3c9dfcf089f8cd802a7771c6a5e359baae8cba73fed2153ef0dd802e5ef04c
2fc129edf90bfd24d24041d2b2441c833d93370fed52981b7bc0a21b90137afe
30c5fac86e436689b3c77017c8e2b3f90abe3609b96efb19d3093c8827afefa7
3133a894049d9adc7cb8548c5f7db5438f4faaa19c764bf13fcf00acd084176d
31bb64056828a6bd12602213ec0378cb20e0f6a3d811a308d23c948a09f0ebbb
322f376069dfd94b9b6cb9bebfe915ba60cd31567b6b4c610f79f27be6eaaa9c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
355273fd7508ba75e19a97a709204a6448a4f36972a90bd71111417db1688fe5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36e9b8ac728e97dd471e576c6e0bcea8034b81123c9375fed98c4d61c1c6b9f3
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d52f3a0899cf3d2018c710f7a621c65fdae97d878b19bee74243af5e7cdc4c8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b0582a0e053cadd789c6a88e0292f9e8711e1a2509c708d147064b85dc71b5
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
4299d2671ab41311064d1d2de412d6ef93e1f8cff8cc38cd67326b0c6f30db68
42dc5d0ebb999932f913982e5274328dd00d6b471e10a21d1eb4788518b874ae
433690ad3bf3079209b883285e24091db403eac28af94b1af35258864afe179d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446162f5a3076516226574dd1e78e637aa8735c3cd30156d82d7b2653741aa4e
46c63b7687dff2a81b35907e2cc2fa1a3318876dd6088a26b6226c2217ccb482
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4906f379b29e1b33abbb5b6c34e4a97ea3e39dd268d7f734861791a4517e088a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49db2f6fcf6efeeb6577fa14e48c7d22e711ba449ea382ca9b91ef04c128bca3
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b29c754ca22f2526e855b27bd5b224c0055cef83f993cb583e291272164735d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd1daa068762cf437fb11165e7813addb5d2f5d79c8755a5e2de471dff62e63
4e19ca1270496b1b96e7e74ead4b34c67133d6f29376d34da8b7a26ac8ca9a32
4ef2d16ee3edb97fe38c6044a52867f46f94c92726c3f5abb0e7de15e1737332
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52906281295c0e3f6a1f36af383323f1e48c37186e00d895f4be372ed25fa1b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561ec16985560775a59129b7fb9fe44507fc6bf03d09f66680d3434952976918
5bac60bb9c0e400c17ef9900211179149c12fe2a2b2a1dc17d0f4a252f3d7bac
5deb3d37787b5639afc3d09de4cdc4d07d52de66d0686d782e24c9fe512fbedc
5fca8cba66a6135778cc90e42947f68bb3aaa3e09caf7c8db5f19e744bdbd369
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646b61b7f8fb0a6f4d51bb6c94d0fc88606bcf604e205c06cb1241a170a4bd9d
6488702a0e7671b6dffbd90134df44b06412e707fd003a355c028c86dd525af7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67370e47d8b0e16fc5457dfe272ebcaa8e5cf790ce4be3db4a36174e642c9488
673db7640b3d1676c2f5470ef1ed79e2fd86cdc14536650634d193b760acdbc0
67a23548053e4fe2e7b49ebe723ba175765cb95aebf8daba821d69b6351b2c6d
6800d6ebc338380bd001473745bf2f95b48ab5c140f9faff200ab728500a6c0b
6818abaeab1a91ae452cf39e1c9ee0962ed57319f1c5c1fadb0b95ef6929b9b4
681f75c1b34aaf1f8a0eae3f7426d14538ca9125ed93c289b14ad57b7976a481
692381cc1d4c2d8f88a02c18519d57db15e093a15fd010fdfb99f40cd2480efe
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a97fba598af2b2ab51ac27ab253e61e66897646280b561b0f9c8ed0feb6d562
6bc8c93d1550a77f45c0fe4c93df72a6020cd4b6c6d8296a7aaf69771ad48682
6d9043e145618922aa085ace9bff0833c54b5438ee872da3e4e8b79d91108aca
6ea1756133bd72e56787ced47da01647a8d99942d2fbd29328d786c04b230c62
6f7bb70f5a1d736a9913474e61b5070026dbee34a7784326b9e143079dea03fd
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
71c84082f06b4c677043354f1b6177134b87adbd1bdb9d48b85905f36110e38b
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75427f4e724fd6b764c90cd4cf8e227ceeea7c17e525085451b7a0fa364f3f96
76a480131a1a42e1dc39e356130ad8d09868347683d44131e57c4c917bfd2acd
782b1703d27a21098a5e8d27c4e2d3b294453005bb93e0ff177a9c87fd4f30c3
7a82d919cd3a66eb6623565d65433eb0d81a4373d43a5625409370d8ae468d29
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83746571a58d9ef5351b5d346c481a9d59bebf576c6283180dbc3afdf15d5d29
83969a1a3a3811a364150fb119ea75fdffd63e730583462c90f01ca340aeb639
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
869f1aefcd289d14fa401b99a115ae0ca04252c702ca483fbb11c273ef686d44
872155e131359e0feaf043a07dd1136942ccd2f0f48864668d0770f3908bc55c
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
88e4e0644a8cc0fcbfa80087d7b4b01ed78b002161c806a48b82cbcc0ba8990e
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
8ea98b70ab98b45de62cd4bd45e9c35e459280645af4478afc79ef0e42f37360
8eb3284f8f32bbe3237c3015b9a768af996ff8d3c3992750610ea96ff356f5f7
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
8fec7b3114dfb16c91e7f519f46fb35cacfa70957e30200cf86795388e928ebc
9013854b5bb446878dc7fbb34f6b3d8b2eda5cec70ed60b12d36d9d70ab9df21
9047596d712bb4087059b7c48abfd97230292bdb7b2b1e903bf4687b279dafb0
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
9627d8bd0830622fa2a697d046020ce70ac3784496b0581387085ef35213d953
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
9837ff1b9b5c890cfb2000eedb60ad9e1eea565fbb8c8513a6d8a3a1cd8b187c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7c6681187d284901202f1fc0bb1d366a2ebcafb64789a327a5e7b8b5781df1
9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55664368695a544c342887f97b8e8e5b2812b2e782cc1006fbf4eb95d4f8c8f
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a6800dfadc0743c75e5aadd0111ff5c6e65c91734023b355b26367c9e3ed0367
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab01e87bb8725cb986eef22a6db89962744cede11de7f4beeaad67ec691a0618
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca55acb597ee86d843ec6c503454b7cf766160d85c6d978c1ddf0dca0386ea7
adb28581b5d6ce42a23ab68838d95ec82b5191f7200615ca26e4f6738dc365a8
adebbd97630c89f9d33e4d02db4fba45f2a359328c7d71f0de6efa2cd3dd6d5d
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
af7bbebc68e889dad715e26e73992eccc67626855ee99dab3309771c2ba66651
af89f810bd0a6c5b863889f0dc97ca8fae16026665e163941e4dfa8c3070f6e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b67c1f9db766d16c4dce1708a903cb3e70da2479c61ffb961d4cd2fa51a5865f
b7e85da66bcb7ef7efafc1db0af8aa33ac72a525356221f8fe4a3ed2ec34f235
b82a5f1d7b6028df265f37ed644acd0267461286715e1b62f7d83361319810b8
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd2afc7feff7251f7a8561b0dd06881d95d0cccc162e0f3fb47665254c316ec6
c0dfe30ae00c4c503b193a29f98a99dcd87c69319e20d8f03eb140acd6c17df7
c212c11043b37efadf724a3bb4e87c97ba163c9743f24e70abe23359d33ad08e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29e442d2011e4719ad14e163a6e9179c2adcb6c2add183ad27ccfdb3cac1a8e
c2b0ee7daaebec2a5db0a2812c7cd046f442ce83fcfd85217835353fa2033b49
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c76e9406067155766a796b39d63d8e1d624b6433b374648c5c7c70984bb1af3e
c7caa90ed1a5ceb5f3dcdb5efd94c891c4d9c507777997a50b7b361ea9e4fffb
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c7cddd0f22db630a6d8980f83159e6c0cc28a003e628d6bdcd9225782073089a
c93597f47f53dc63d1240237f5e29975805f3c75126cdd52f0d9ae2c3f6546c9
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd896bec219bda00d0a0d6893a938cecb96ca2cb7a6a4158e55fd8ccd0b33d8e
cf0d7416fca1a50a7911003233baf97224710870c61940f690b24dbd2e7058b0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3a0b3f90ea805e2fe0963729af768086ee5408a8e89986dcf0c8c868a33d2e1
d4e210d814b8935d67fae43dbf2379a8e3661b4cb0dc56043e82835ee315899e
dc07b50cb073334c01a32b936de167c4ed545b334bf57e4377e0914c098efb5f
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e079f724a009094d86c612ec6c1a7e36ca8e822b0c420415aa09cccd7a5c60bd
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e0fcc5b784108ec6038558e602667a50f6d90849017fb71bfe9f64fbd93f74b5
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2a6bdf273bffa2aa954a722f1e4b011faf8fef932ced3ab8472dbd84a6964d8
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3113f69bb04f4800ae206915ee9ca4970d6141040a035a8d9f95bbcbd2cd678
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8d22641c2782685ea3519c108c9db13cd4b669b88135ed800b8c1c779146a
e51817621f726175b95fd5aea0c149fbadf33070243d35720f32b930f581422e
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1882c762bf492837eea6aa2758ab13645e3a29e02bfa1b0aa40ae38f9815d80
f272a97abda53628d3a8d8a4cfcc3c6ba9312512643bccce3fb2a3bc9276d14b
f3c687666850217c5a5477ac42cda73888e783ba56a49e56fe1321418f713e3f
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f95a8bd6ded229bc2cb6978d712e3bbaf6b30cd4b4a671c5ebf48bc767f56672
fc26ef4cff67814f7f10bc2cbf41bdba6a542f42db8880c9aee87ecc99593067
fda0ece311fd4b118b1c0425fe36f03dca3189ee41db0de65915e84a6356dc81