www.indiatoday.in Open in urlscan Pro
2a02:26f0:6c00::210:ba0b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alrts.foppscolor.com/ga/click/2-293914979-1169-245310-471842-305882-99f258342a-33bfc78735
Effective URL:
https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-l...
Submission: On August 30 via api (August 30th 2021, 1:07:08 pm UTC) from US

Summary HTTP 275 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 53 domains to perform 275 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba0b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.indiatoday.in.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 13th 2020. Valid for: 2 years.

This is the only time www.indiatoday.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.96.100.188 103.96.100.188	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	2a02:26f0:710... 2a02:26f0:7100:1b1::1ac0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.9.74.67 52.9.74.67	16509 (AMAZON-02) (AMAZON-02)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba61	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.93.47 13.224.93.47	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.224.93.85 13.224.93.85	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2a2::1ac0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:8c00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
2	104.111.232.29 104.111.232.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:9000:219... 2600:9000:2190:9600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 6	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
4 4	213.155.156.184 213.155.156.184	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8 9	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
4 7	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
5	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 1	52.86.210.192 52.86.210.192	14618 (AMAZON-AES) (AMAZON-AES)
1	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
1	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:1600:a:5b2c:b080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:9000:219... 2600:9000:2190:a600:3:6e47:11c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:4a00:f:b7c0:a340:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.193.67 13.224.193.67	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:ca00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	54.88.192.18 54.88.192.18	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.135.145 104.18.135.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:f200:1c:5da3:a000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
275	68

1 103.96.100.188 (India) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: cluster-103.188.foppscolor.com

alrts.foppscolor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.indiatoday.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a02:26f0:7100:1b1::1ac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

akm-img-a-in.tosshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.74.67 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-74-67.us-west-1.compute.amazonaws.com

saxp.zedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba61 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-47.zrh50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.93.85 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-85.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2a2::1ac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

recengine.intoday.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8c00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.232.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-29.deploy.static.akamaitechnologies.com

smedia2.intoday.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.38 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.236 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.184 (Uppsala, Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.236 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.242.197 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pr.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.210.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:1600:a:5b2c:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)

pubs.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:a600:3:6e47:11c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

impulse.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4a00:f:b7c0:a340:93a1 (United States)

ASN16509 (AMAZON-02, US)

dac.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-67.fra2.r.cloudfront.net

delivery.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:ca00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.192.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-192-18.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.135.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f200:1c:5da3:a000:93a1 (United States)

ASN16509 (AMAZON-02, US)

vibecdn.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	594 KB
37	tosshub.com akm-img-a-in.tosshub.com	515 KB
32	doubleclick.net 9 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	238 KB
31	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com t.pubmatic.com aktrack.pubmatic.com	171 KB
11	ampproject.org cdn.ampproject.org	220 KB
11	google.com 4 redirects www.google.com adservice.google.com	14 KB
10	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	17 KB
9	youtube.com www.youtube.com	670 KB
8	contextads.live pubs.contextads.live impulse.contextads.live dac.contextads.live delivery.contextads.live vibecdn.contextads.live	43 KB
8	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	23 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com pr.ybp.yahoo.com	9 KB
7	adsrvr.org 4 redirects match.adsrvr.org	3 KB
7	googletagservices.com www.googletagservices.com	237 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	79 KB
6	intoday.in recengine.intoday.in smedia2.intoday.in	5 KB
4	mathtag.com 4 redirects sync.mathtag.com	3 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	indiatoday.in www.indiatoday.in	60 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	59 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
2	glotgrx.com pre.glotgrx.com	438 B
2	yabidos.com pixel.yabidos.com	25 KB
2	yimg.com s.yimg.com	41 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	631 B
2	simpli.fi um.simpli.fi	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	criteo.com dis.criteo.com	676 B
2	indexww.com js-sec.indexww.com	2 KB
2	google.de www.google.de adservice.google.de	272 B
2	izooto.com cdn.izooto.com	46 KB
2	zedo.com saxp.zedo.com	29 KB
1	seedtag.com config.seedtag.com	13 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	14 KB
1	js7k.com cdn.js7k.com	9 KB
1	crwdcntrl.net id.crwdcntrl.net	829 B
1	id5-sync.com id5-sync.com	535 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	380 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	adgrx.com cm.adgrx.com	408 B
1	brand-display.com dmp.brand-display.com	253 B
1	rlcdn.com id.rlcdn.com
1	ytimg.com i.ytimg.com	48 KB
1	ggpht.com yt3.ggpht.com	5 KB
1	app.link app.link	567 B
1	googleapis.com fonts.googleapis.com	870 B
1	googletagmanager.com www.googletagmanager.com	45 KB
1	foppscolor.com 1 redirects alrts.foppscolor.com	723 B
275	53

	Domain	Requested by
50	tpc.googlesyndication.com	www.indiatoday.in securepubads.g.doubleclick.net cdn.ampproject.org e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com tpc.googlesyndication.com
37	akm-img-a-in.tosshub.com	www.indiatoday.in akm-img-a-in.tosshub.com
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.indiatoday.in
11	cdn.ampproject.org	securepubads.g.doubleclick.net
10	www.google.com	4 redirects www.indiatoday.in www.youtube.com tpc.googlesyndication.com
9	cm.g.doubleclick.net	8 redirects www.indiatoday.in
9	googleads.g.doubleclick.net	1 redirects www.youtube.com www.indiatoday.in e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
9	www.youtube.com	www.indiatoday.in www.youtube.com
8	image2.pubmatic.com	ads.pubmatic.com
7	match.adsrvr.org	4 redirects www.indiatoday.in ssum-sec.casalemedia.com ads.pubmatic.com
7	ib.adnxs.com	4 redirects ads.pubmatic.com acdn.adnxs.com
7	www.googletagservices.com	www.indiatoday.in securepubads.g.doubleclick.net e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	www.googletagservices.com www.indiatoday.in securepubads.g.doubleclick.net tpc.googlesyndication.com
6	simage2.pubmatic.com	ads.pubmatic.com
6	c1.adform.net	5 redirects ads.pubmatic.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	t.pubmatic.com	www.indiatoday.in ads.pubmatic.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	pixel.rubiconproject.com	www.indiatoday.in
4	ups.analytics.yahoo.com	4 redirects
4	sync.mathtag.com	4 redirects
4	d5p.de17a.com	4 redirects
4	e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	recengine.intoday.in	akm-img-a-in.tosshub.com
4	ads.pubmatic.com	www.indiatoday.in ads.pubmatic.com
4	www.indiatoday.in	www.indiatoday.in
3	delivery.contextads.live	impulse.contextads.live delivery.contextads.live
3	token.rubiconproject.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	image4.pubmatic.com	ads.pubmatic.com
3	hbopenbid.pubmatic.com	ads.pubmatic.com
3	sb.scorecardresearch.com	1 redirects www.indiatoday.in
3	www.google-analytics.com	www.indiatoday.in www.google-analytics.com
2	pre.glotgrx.com
2	pixel.yabidos.com	www.indiatoday.in pixel.yabidos.com
2	impulse.contextads.live	pubs.contextads.live impulse.contextads.live
2	s.yimg.com	www.indiatoday.in
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	um.simpli.fi	ads.pubmatic.com
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	dis.criteo.com	ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	api2.branch.io	cdn.branch.io
2	smedia2.intoday.in	www.indiatoday.in
2	cdn.izooto.com	www.indiatoday.in cdn.izooto.com
2	saxp.zedo.com	www.indiatoday.in saxp.zedo.com
1	vibecdn.contextads.live	delivery.contextads.live
1	config.seedtag.com	www.indiatoday.in
1	ping.chartbeat.net
1	static.chartbeat.com	www.indiatoday.in
1	dac.contextads.live	impulse.contextads.live
1	aktrack.pubmatic.com	www.indiatoday.in
1	cdn.js7k.com	pr.ybp.yahoo.com
1	pubs.contextads.live	www.indiatoday.in
1	pr.ybp.yahoo.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	sync.adotmob.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	ads.yahoo.com	www.indiatoday.in
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	www.indiatoday.in
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	acdn.adnxs.com	ads.pubmatic.com
1	www.gstatic.com	www.youtube.com
1	htlb.casalemedia.com	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google.de	www.indiatoday.in
1	stats.g.doubleclick.net	www.google-analytics.com
1	app.link	cdn.branch.io
1	fonts.googleapis.com	www.indiatoday.in
1	www.googletagmanager.com	www.indiatoday.in
1	cdn.branch.io	www.indiatoday.in
1	alrts.foppscolor.com	1 redirects
275	84

This site contains links to these domains. Also see Links.

Domain
malayalam.indiatoday.in
www.businesstoday.in
www.dailyo.in
www.aajtak.in
www.thelallantop.com
www.ichowk.in
www.readersdigest.in
auth.indiatoday.in
quiz.indiatodaygaming.com
play.indiatodaygaming.com
www.facebook.com
twitter.com
www.youtube.com
web.whatsapp.com
www.cosmopolitan.in
subscriptions.intoday.in
mailtoday.in
moneytoday.intoday.in
www.readersdigest.co.in
subscriptions.digitaltoday.in
aajtak.intoday.in
www.ishq.com
www.indiatodaygaming.com
connect.indiatodaygaming.com
www.vasantvalley.org
www.indiatodayconclave.com
www.robbreportindia.com
theredlab.in
www.thomsonpress.com
www.caretoday.in
www.music-today.com
www.indiacontent.in
www.headlinestoday.in
www.indiatodaygroup.com
goo.gl

Subject Issuer	Validity	Valid
www.indiatoday.in GeoTrust RSA CA 2018	`2020-01-13` - `2022-03-13`	2 years	crt.sh
www.aajtaklite.com GeoTrust RSA CA 2018	`2021-07-21` - `2021-12-26`	5 months	crt.sh
saxp.zedo.com Go Daddy Secure Certificate Authority - G2	`2020-04-08` - `2022-06-07`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.izooto.com DigiCert SHA2 Secure Server CA	`2021-05-05` - `2022-05-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2021-09-15`	2 months	crt.sh
delivery.contextads.live Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-12`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Frame ID: DC8941EA724719776C7C61C370FD2E52
Requests: 112 HTTP requests in this frame

Frame: https://www.youtube.com/embed/b6ei2kPYcFY
Frame ID: DA48B62CDF7ADE733CDC0BA22BE67543
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 17F116132001FF8A35F03CE4D5C7E7F8
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FD6793BE7D275C8BAD789173D30A8932
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 41C8433825B7FA2BF965575F8BA2BE2B
Requests: 13 HTTP requests in this frame

Frame: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C98E88A5D44A2246F824AF3869EDA69D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C7EC177A0A3ACD5A09233DBD64FB9FDF
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53
Frame ID: 1B77B2DD38BB39A2CD8F728A51E6C6FF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096
Frame ID: D73160612BD37128B3BC82208B4BF0F6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 66CE4EB5EAA94804A847B56CE7D3A567
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 344272C3A9EC09600C7FC830565243DE
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: A24C4C23B38516D5EF0682851D334F67
Requests: 16 HTTP requests in this frame

Frame: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC4AB4F627854EB4665B662D03760A04
Requests: 1 HTTP requests in this frame

Frame: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A45DABB10CE707E75B652436CD383942
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkNudheg2181TZn35JxBrsXgsOTceNzV9n1x0rNiDBSbLi_SxGbUTpxo0OZQrKXSFJGKi_BDsLJA-ybwDV1pZ-SW_J9GN3puCYXgQEvqIuj4j3MdGq57M2eMkQ_Bs8UK-mDOmyZhppb0NbQ9-nMH05SfKEyG8zHi8wdaDlU37I4ePiZITxHGFzLoYJTaO8bi-kA-0-K7QVDLwAAUKN2Cfl_SSp44v5sTpRg_vi157rbOwXNhjZH6Eg83wUTKyTQ7NzwZIuKfKbkwPu5TIWZUWPF6ZrSnpYescwGI31-WYIO8yN63LwWT3YEXnsFXaRzHd8pVGwt5j2tExsREV7CQ&sig=Cg0ArKJSzPuHqjctEyrgEAE&urlfix=1&adurl=
Frame ID: 1AC60B39CBB9B750B60EB08B98C8CAD9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWwxy5CDeOdVCqpcnewK7CDFpxCM3HZrWXPPsQFdAb8SaaSklGuIQsGQ63usdpdNGW7cbaHY9HMvMarf5YSUqOgv7LWH8_znPV23eEDaLC9LHF7HwdAgfoGfkXblddv4KLZznSXGvczSzH2Hz9dFRI2Sqa2CmN71c8okQ2Ay-TwS7ly6FndJHdejWPZSSY028TkhkOeQcd16MbLssuGZjRaM3BnZesDTcLBIdRlIa8Rh47jan2Q5zUdLdqX9tjIewUttZ4Rq3231BrAT3gOamVwMuNyNRsDbGPM8k9f5zywucsLYqHdUrWm4JjLLf7g0_tOu7dx2MhqgmDO4A&sig=Cg0ArKJSzM45I-vWp_qsEAE&urlfix=1&adurl=
Frame ID: 1053C3171216DFA2498F541AF2CE4E2C
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 5E1942D83F605F24B82735B1941A7CBE
Requests: 21 HTTP requests in this frame

Frame: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C4F7A4688A7FE0AAEFEEFE0FFEE9030
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html
Frame ID: A39A2ADF2C90CEBAA856210A6766C5C0
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV9Yd5NcsYezKIKCh7_UP1NWR4An9qIfjZOXI-r-YDorRo-2-ARABIKz8pwVglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE3QJP0DjGo7zD5SpxKtZlWus5ZOBGhvuhC6a32jQc4Yj1V_bOIJ03BqpqwOaWmem2ZK6xIXvgsLWsmDfRX2JybW4RYrmv2O-eul2pmkKwtiuFulKWxS5iW6m_m8v6D9Y5qjPUhBssqSq6jT7Xa_2f7yfGmIgI4OfZAEi8IODagW3BlcJFm6dcWJWYLzB_OKTq3U3KN7J5sf2KgoJHWrEI661DdPM6KKkpsot0A4Eg3z0Kp_o47mx1mJri2_YrHdysmlM4C6TgFIrAPJjpCairXR_PrVYvx0Wc2I8uGtmXh9h4CrlU2FsHvtEDFibpNmRdRowQu5p2jis3-mCbiFE-WSMfi2a_s47RKPos_EhG6VJbl15AggrtpL0FZOhK3_gIhKvihltDOuW4qbtLqoU4KaNttav21MW2RfMHVCXKRMslm0EIk2VUrdmyz_pVzTPYxpY4Qy5hBNqYaqUgqiOnwASJj_6-3APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8761rgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEELSJDdIICQiA4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNzkzNzIwNTM0NTczNDcyGND3BQ&sigh=OyRHK6acZdU&template_id=419
Frame ID: 73199B4475C77A734E57EC1BB67FD954
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html
Frame ID: A585258262329642F10F2048653807B3
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQuck5NcsYdPJIKCh7_UP1NWR4An9qIfjZP3P-r-YDorRo-2-ARABIKz8pwVglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE3QJP0GJ_AnNrv34yHPbH2q1KTWClTu7lulBRxiWfrH5XjF-V0vORPjcaG63m0k0QcRgDk7JHGaGb6WFgdCxWu4kkchDZYoCo-bXTOn9-5s7VueLbaS9S7EhzZUjr_C7seTLVyL_3h-iy31jY1mkyD_pL-dJMCkOscvBNdunU8iyjzyp3EJm1Um7J6qotCeqLDLfm5l5C3hiw93XiMljqZFPI6-xr3cc71uFDG_XR9nJBktNwPcDjcWk1axTwtc8M2CFgXNkEKbVAUciukFwHlN_Lsg6iUJqloefXZ_i9X2OjRj_FBn7VJfolGCEWd3z9DglDBeBYGeq9g1D4MiYoAY82VDU0ltwjPfa1j0N9xSPM2IFNmQhYJlUEk5MIaVs4jMULhiFtkqjN4UPi0zhoMuefSDYh0q5xFBZ7G-C0HMCPqiJmsS5mlhPMakJo1qP1n6nwIYRhge81e3tXHL15wASJj_6-3APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8761rgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEENiOINIICQiA4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNzkzNzIwNTM0NTczNDcyGND3BQ&sigh=QrY5g4rPE5E&template_id=419
Frame ID: C53FDEA00196527A6FF94ED99A52EBD8
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6883E12DD82F1D2533A19863DC7947D8
Requests: 10 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156066&siteId=246950&adId=1318957&adType=10&adServerId=243&kefact=0.017974&kaxefact=0.017974&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1630328804&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.017974&dcId=3&tldId=0&passback=0&svr=BID22428U&adsver=_742816556&adsabzcid=0&cls=BID&ekefact=5NcsYdukAgBI1rvYD1zGfEwgpoOgfJwZbABvfR2VqILPOSNC&ekaxefact=5NcsYeakAgCpwpAuiWtkj-eTfx2o-6bjfQ32HBcaDZvH8L73&ekpbmtpfact=5NcsYfCkAgCjuY2k9_kV4iYR8juR9--Q3lV3IFR8fD4w0FKe&pfi=1&dc=AMS&pubBuyId=32802&crID=3565478&lpu=pramac.com&ucrid=10986151784529755618&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=4&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=BCE742DF-0EB5-4DF1-9E79-79AAE8B17A71&imprId=357F4F31-49AA-47D0-A1EF-840F49448E4E&oid=357F4F31-49AA-47D0-A1EF-840F49448E4E&cntryId=58&pageURL=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&sec=1&pAuSt=3
Frame ID: 448A10DDD2916E0AB71B2A5D8205A422
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html
Frame ID: D7A2B5E9D6ACADA41D0D393978873195
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B71743601DDFE77D4291FC78711EC862
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FAA5C47EA2FD5F71ED2B9E15B0EF63B4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CB18A600B8F37E644C5023BEA9A68E20
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464
Frame ID: 40F57315597A906057DB8CEB40B1EBE6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 86406657536C12C979218A9D7A43CDA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5C85F752BFC0AD336A4BF19639DC8D23
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C5D668E7FD8D3CACA60D35A94D443DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Can downloading WhatsApp photo or video infect your phone with virus? Not likely but be careful - Technology News

Page URL History Show full URLs

http://alrts.foppscolor.com/ga/click/2-293914979-1169-245310-471842-305882-99f258342a-33bfc78735 HTTP 302
https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-ph... Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

275
Requests

100 %
HTTPS

44 %
IPv6

53
Domains

84
Subdomains

68
IPs

10
Countries

3312 kB
Transfer

9176 kB
Size

0
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://malayalam.indiatoday.in/
Title: Malayalam

Search URL Search Domain Scan URL

URL: https://www.businesstoday.in/
Title: Business Today

Search URL Search Domain Scan URL

URL: https://www.dailyo.in/
Title: DailyO

Search URL Search Domain Scan URL

URL: https://www.aajtak.in/
Title: Aaj Tak

Search URL Search Domain Scan URL

URL: https://www.thelallantop.com/
Title: Lallantop

Search URL Search Domain Scan URL

URL: https://www.ichowk.in/
Title: iChowk

Search URL Search Domain Scan URL

URL: https://www.readersdigest.in/
Title: Reader’s Digest

Search URL Search Domain Scan URL

URL: https://auth.indiatoday.in/saml_login/other/aHR0cHM6Ly93d3cuaW5kaWF0b2RheS5pbi90ZWNobm9sb2d5L25ld3Mvc3RvcnkvY2FuLWRvd25sb2FkaW5nLXdoYXRzYXBwLXBob3RvLW9yLXZpZGVvLWluZmVjdC15b3VyLXBob25lLXdpdGgtdmlydXMtbm90LWxpa2VseS1idXQtYmUtY2FyZWZ1bC0xNzcwMzg4LTIwMjEtMDItMTgjc3NvbG9naW49MQ==
Title: Login

Search URL Search Domain Scan URL

URL: https://quiz.indiatodaygaming.com/intro;jsessionid=6C780D9EEC12A32F011AF2822C5166EC
Title: Quiz

Search URL Search Domain Scan URL

URL: https://play.indiatodaygaming.com/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.aajtak.in/rate-card
Title: Rate Card

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IndiaToday/

Search URL Search Domain Scan URL

URL: https://twitter.com/indiatoday

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=ankitaChak15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCYPvAwZP8pZhSMW8qs7cVCw?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18%3Futm_source%3Dwashare%26utm_medium%3Dsocialicons%26utm_campaign%3Dshareurltracking%20%0A%0ADownload%20the%20India%20Today%20app%20now%20to%20read%20our%20latest%20stories.%0Ahttps%3A%2F%2Findiatoday.app.link%2FTrK1ggqhLT

Search URL Search Domain Scan URL

URL: http://www.businesstoday.in/
Title: Business Today

Search URL Search Domain Scan URL

URL: http://www.cosmopolitan.in/
Title: Cosmopolitan

Search URL Search Domain Scan URL

URL: http://subscriptions.intoday.in/subscriptions/itoday/ith_offer.jsp?source=website
Title: India Today - Hindi

Search URL Search Domain Scan URL

URL: http://mailtoday.in/
Title: Mail Today

Search URL Search Domain Scan URL

URL: http://moneytoday.intoday.in/
Title: Money Today

Search URL Search Domain Scan URL

URL: http://www.readersdigest.co.in/
Title: Reader's Digest

Search URL Search Domain Scan URL

URL: http://subscriptions.digitaltoday.in/subscriptions/time/subscription.html
Title: Time

Search URL Search Domain Scan URL

URL: http://aajtak.intoday.in/dilliaajtak/
Title: Delhi Aaj Tak

Search URL Search Domain Scan URL

URL: http://aajtak.intoday.in/tez/
Title: Tez

Search URL Search Domain Scan URL

URL: https://www.ishq.com/
Title: Ishq FM

Search URL Search Domain Scan URL

URL: https://www.indiatodaygaming.com/
Title: India Today Gaming

Search URL Search Domain Scan URL

URL: https://connect.indiatodaygaming.com/
Title: ESPL

Search URL Search Domain Scan URL

URL: http://www.vasantvalley.org/vasantvalley/default.shtml
Title: Vasant Valley

Search URL Search Domain Scan URL

URL: https://aajtak.intoday.in/agenda-aajtak/
Title: Agenda Aajtak

Search URL Search Domain Scan URL

URL: http://www.indiatodayconclave.com/
Title: India Today Conclave

Search URL Search Domain Scan URL

URL: http://www.robbreportindia.com/limitededition/2018/
Title: Robb Report India 2018

Search URL Search Domain Scan URL

URL: https://aajtak.intoday.in/sahitya/2018/
Title: Sahitya Aaj Tak

Search URL Search Domain Scan URL

URL: http://theredlab.in/
Title: The Red Lab

Search URL Search Domain Scan URL

URL: http://www.thomsonpress.com/
Title: Thomson Press

Search URL Search Domain Scan URL

URL: http://www.caretoday.in/
Title: Care Today

Search URL Search Domain Scan URL

URL: http://www.music-today.com/
Title: Music Today

Search URL Search Domain Scan URL

URL: https://www.indiacontent.in/
Title: India content

Search URL Search Domain Scan URL

URL: https://www.headlinestoday.in/
Title: Headlines Today

Search URL Search Domain Scan URL

URL: https://aajtak.intoday.in/distribution/rio/
Title: Rate Card

Search URL Search Domain Scan URL

URL: https://www.indiatodaygroup.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://goo.gl/qtxzZf

Search URL Search Domain Scan URL

URL: https://goo.gl/BGCmrr

Search URL Search Domain Scan URL

URL: https://goo.gl/S8unuW

Search URL Search Domain Scan URL

URL: https://www.indiatodaygroup.com/cookie-policy.html
Title: cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alrts.foppscolor.com/ga/click/2-293914979-1169-245310-471842-305882-99f258342a-33bfc78735 HTTP 302
https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20-%20Technology%20News&c7=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20-%20Technology%20News&c7=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&c9=

Request Chain 69

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 110

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 111

https://c1.adform.net/serving/cookie/match?party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53

Request Chain 112

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9bEb7s7NSfCj6XG2ff_NUw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 115

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec18612c-d7e4-4900-99ce-413fa884080a

Request Chain 116

https://pixel.onaudience.com/?partner=214&mapped=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=978b51e72caaa335a1a55453f68a3d6d

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjVCMTFCRUUtQ0VDRC00OUYwLUEzRTktNzFCNjdERkZDRDUz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO2n1WCyPD3-c6HpWP6nPYw&google_cver=1

Request Chain 120

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8371353742125682364

Request Chain 121

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&gdpr=0&gdpr_consent=

Request Chain 122

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea9b75a2-7487-404b-8c28-7d896bf3020c

Request Chain 123

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1732472909786184169&gdpr=0&gdpr_consent=

Request Chain 124

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OK7oRh9E2uU5BdwGHE.kpMNqxNtQEjA-~A&gdpr=0&gdpr_consent=

Request Chain 125

https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 126

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSzX5AAEDBP4wgAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YSzX5AAEDBP4wgAC&_test=YSzX5AAEDBP4wgAC

Request Chain 127

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0N2ZlNzU4ODA4NmU1NGQ1ZTM1ZTRjZmQzNDJmMjRiZDY1YWQ4ZQ

Request Chain 130

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/yjO89Ccobo5Dg0iRZ5hFfA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1330311211377205161

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPlFVh-rhoLhm-tnBHpYi_g&google_cver=1

Request Chain 132

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSYNOC8L-1W-1OS&sigv=1&esig=2~700448d825ecd26bea618c57baaabc13cec9f1d4

Request Chain 133

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=752c612c-d7e4-4c00-9c58-26f78da7c49e

Request Chain 134

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&dcc=t

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI6yEPfeJo3ngbJuJc_OyaY&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSzX5Er6Xvpd2x-Bjo.98wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFf8XjsZCXIy8-EDHer2Ovg&google_cver=1&gdpr=1&google_hm=2

Request Chain 140

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a62204023d4233d8c2946a&expiration=[EXPIRATION]&gdpr=1

Request Chain 141

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ad796912-fd4d-4eb2-8162-812fddfec88c&expiration=1661864805

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISdQUh3GjnUnuwiyIEhxj0&google_cver=1

Request Chain 250

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2685656761857622301

Request Chain 252

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&gdpr=0&gdpr_consent=

Request Chain 253

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f1126f2-e8b8-48e1-98ad-1e732b00687c

Request Chain 255

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9019878240071150784&gdpr=0&gdpr_consent=

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERDNDkxNjItODdCMS00NEQ0LUEwQTctM0UxQTJDOTc1REVD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 257

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDC49162-87B1-44D4-A0A7-3E1A2C975DEC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDC49162-87B1-44D4-A0A7-3E1A2C975DEC&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Db2cyIFE2uUPRJMeq3MG6iiA1.5XmYw-~A&gdpr=0&gdpr_consent=

Request Chain 262

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

275 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18 Show response
www.indiatoday.in/technology/news/story/
Redirect Chain

http://alrts.foppscolor.com/ga/click/2-293914979-1169-245310-471842-305882-99f258342a-33bfc78735
https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

203 KB
53 KB

31ms
9ms

Document
text/html

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

37ef71d3e947234e70803d9e7b02809478b69d4b7d6b2af3d0f01938a9bc5fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.indiatoday.in
:scheme: https
:path: /technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: Apache
x-drupal-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-language: en
x-ua-compatible: IE=edge
content-encoding: gzip
x-backend: Yes
x-varnish: 645988661
x-cache-hits: 0
accept-ranges: bytes
content-length: 53669
expires: Mon, 30 Aug 2021 13:06:42 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding

Redirect headers

Date: Mon, 30 Aug 2021 13:06:42 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: ca93346aaa0a238982a69950e5c87f73
Location: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.061097
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H2 200 OpenSans-Regular.woff
akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/ 110 KB
88 KB 36ms
8ms Font
application/octet-stream 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/OpenSans-Regular.woff
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 324f0c65f646d99cccc7eb6840b0ed12b55e6ea7698a7045cd1dc9397baaeca9

Request headers

Origin: https://www.indiatoday.in
Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: rTKxmSFvhvEHBE6Nkp_7FD7KV.9deK3U
content-encoding: gzip
etag: "552ea4cf95b85269f5a3b5b1e2b2eedb"
x-amz-request-id: BTFWAJDP2VFKATCY
x-amz-meta-cb-modifiedtime: Fri, 04 May 2018 12:27:28 GMT
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 89786
x-amz-id-2: RfFib1jxfRJeZ2GzxgKZ8VmAVTTfyUT2bOT34rmmeXeL08NE9hvdAwoGYkegqvMeJFWOd9Dt0hw=
last-modified: Fri, 04 May 2018 14:33:56 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 fontawesome-webfont.woff2
akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/ 65 KB
66 KB 46ms
18ms Font
application/octet-stream 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://www.indiatoday.in
Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 8Y6M5nRPlUR2dGrwAyqmf.MYB32MnQxe
content-encoding: gzip
etag: "db812d8a70a4e88e888744c1c9a27e89"
x-amz-request-id: 5928EE26A9E43D6D
x-amz-meta-cb-modifiedtime: Mon, 05 Feb 2018 14:04:23 GMT
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 66632
x-amz-id-2: cDzfsjKwiqgWD6WagRt9X/CKL2iLaeUUq7xsSEYSpqY2zownWUgfbhVHC1IAaSBUDIRz4vFhwIQ=
last-modified: Fri, 04 May 2018 14:33:51 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 OpenSans-Bold.woff
akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/ 113 KB
91 KB 50ms
22ms Font
application/octet-stream 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/fonts/OpenSans-Bold.woff
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a692d3f487488359d8f4b5deb513cae5f6a76ab92e7d98656f4a843e97fa2c64

Request headers

Origin: https://www.indiatoday.in
Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Q0CJEW5ro3kH.MXLNDqA5yAh351qLwhZ
content-encoding: gzip
etag: "8dd1fba73ff945cf492243e58a13877e"
x-amz-request-id: 0882EE8D2D5E2BD0
x-amz-meta-cb-modifiedtime: Fri, 04 May 2018 12:27:28 GMT
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 92619
x-amz-id-2: mVDTQB2krKgaGBNOyOD8xcL1eWO1Bq7FYNjI2KqT8gTEMrlCyGeCTZbaZED8i5HDVnqqwZLNJek=
last-modified: Fri, 04 May 2018 14:33:55 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 logo.png
akm-img-a-in.tosshub.com/sites/all/themes/itg/ 0
4 KB 90ms
89ms Other
image/png 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/logo.png?v=1.3
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: zJRSr0ujbbDCrv1QE7VUrU7ljgSoAWBK
etag: "ce2d8d6793b075f7a1160d4f5fe08cfa"
x-amz-request-id: 233E86742E586A35
x-amz-meta-cb-modifiedtime: Mon, 16 Nov 2020 05:34:01 GMT
x-amz-replication-status: COMPLETED
content-length: 4098
x-amz-id-2: SB78ZMN3Tce7Ed5ioZWjfZ4wrtcrGSMlz89iVCa5g4ujFOglrbiKmBju1zawOACXRocVCxoivRA=
last-modified: Mon, 16 Nov 2020 05:56:03 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
access-control-allow-methods: GET,POST,PUT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H/1.1 200
OK fmos.js Show response
saxp.zedo.com/sclient/tt3/ 107 KB
28 KB 901ms
371ms Script
application/x-javascript 52.9.74.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://saxp.zedo.com/sclient/tt3/fmos.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.74.67 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-74-67.us-west-1.compute.amazonaws.com
Software: Zedo4G /
Resource Hash: 2c5293eb7b4a4a4d1a41be64a2fbb4148483b22c7c7d0d449bbe936229e37a53

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 13:06:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Dec 2020 12:51:56 GMT
Server: Zedo4G
Vary: Accept-Encoding, Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=604800,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 28747

GET
H2 200 logo.png
akm-img-a-in.tosshub.com/sites/all/themes/itg/ 4 KB
4 KB 27ms
10ms Image
image/png 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/logo.png?v=1.52
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f98c7bfed89509b901aa1a3c11bdbfeeb12df8461fc3c9d02530aa933668268b

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: zJRSr0ujbbDCrv1QE7VUrU7ljgSoAWBK
etag: "ce2d8d6793b075f7a1160d4f5fe08cfa"
x-amz-request-id: QVRXTVM0RS5QFCF8
x-amz-meta-cb-modifiedtime: Mon, 16 Nov 2020 05:34:01 GMT
x-amz-replication-status: COMPLETED
content-length: 4098
x-amz-id-2: fHRb2qaRrnv5jrRE+oX6/v7W9g/EXtY+NGUwCfDqRNDy6ZsSdSC2/z3ozr8YwkvYkLLwARabO6w=
last-modified: Mon, 16 Nov 2020 05:56:03 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
access-control-allow-methods: GET,POST,PUT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 IMG_5073-1200x768.jpg
akm-img-a-in.tosshub.com/indiatoday/styles/user_picture/public/images/reporter/202010/ 1 KB
2 KB 32ms
15ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/styles/user_picture/public/images/reporter/202010/IMG_5073-1200x768.jpg?JV0vs5aCQRd6dhLDnvM9vHJABBCLGp1B&size=56:56
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3e618569114b5c9aa99da54d8f87a6cdcf58084dac07e19a035141138e7cc3cd

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:42 GMT
x-check-cacheable: YES
x-serial: 465
etag: "52bed904d81e8d1c418a16ac05ea9476"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=583959
last-modified: Wed, 14 Oct 2020 07:10:33 GMT
content-length: 1314
server: Akamai Image Manager
expires: Mon, 06 Sep 2021 07:19:21 GMT

GET
H2 200 itg_image770x443.png
akm-img-a-in.tosshub.com/indiatoday/images/mediamanager/ 3 KB
3 KB 30ms
13ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/mediamanager/itg_image770x443.png?8WLwgDUJdohkKAh8bWa.HMeRa7GZPErv
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3c9708305e9c90a13e0dc44a19fb55121cd81bffcd36b894252241491cc86cb7

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:42 GMT
x-check-cacheable: YES
x-serial: 1308
etag: "a3c9478c13060faf9b06e553d541bb71"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Tue, 24 Nov 2020 15:02:48 GMT
content-length: 2892
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 itgdtracksdk.js Show response
akm-img-a-in.tosshub.com/sites/common/resources/trackdata/min/ 2 KB
1 KB 37ms
35ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/common/resources/trackdata/min/itgdtracksdk.js?v=1.8
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 961bb96a7f3e35c01f4cac7a91ada097a08690411b4f3804acf62da1a8f52c72

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: GUOu4sdiHSRKki5WKqMUUGvJCfJjvOaZ
content-encoding: gzip
etag: "e2d155167b47ed3d961a387e0d9d5ed1"
x-amz-request-id: MTV50YCQK271PCBQ
x-amz-meta-cb-modifiedtime: Fri, 27 Aug 2021 07:19:49 GMT
x-amz-replication-status: COMPLETED
content-length: 850
x-amz-id-2: d3WsKpcg36c9XBgaiBfZC8+PJiug+QU3PIoewlXfhZVsHMJwKtMy+k8+r+y3NxgKlDCpXVoQcbg=
last-modified: Fri, 27 Aug 2021 07:25:54 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156066/551/ 364 KB
111 KB 130ms
18ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4440d79bbed98b1b3c53241dc45b1efba799162b4b227edcb78e23a7409efbb2

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:42 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 12:04:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1400d69-5b13e-5c31235480803"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=30692
accept-ranges: bytes
content-type: text/javascript
content-length: 113093
expires: Mon, 30 Aug 2021 21:38:14 GMT

GET
H2 200 itg_image88x50.jpg
akm-img-a-in.tosshub.com/sites/all/themes/itg/images/ 2 KB
2 KB 37ms
35ms Image
image/jpeg 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/images/itg_image88x50.jpg
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cacce6ba38823dc7917620e735548cffcc0f83d10ea4388ffee5c8fba78cce7a

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: mLo2hc2_IOnOiFu3Gc8Vjsienk7hZ4LO
etag: "f9024dfef9f9fa51d725a155fcea0478"
x-amz-request-id: 35C43D6867A50A48
x-amz-meta-cb-modifiedtime: Tue, 01 Oct 2019 07:15:46 GMT
x-amz-replication-status: COMPLETED
content-length: 1710
x-amz-id-2: OrmgSxmOiCAOSG8CvQbF9hebvNNx2FGf1lY9BlZ74BAHAJyq0hRVU+OEtmUgtIIIkFA37/CiYPg=
last-modified: Tue, 01 Oct 2019 07:18:43 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
access-control-allow-methods: GET,POST,PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 check-this-out.js Show response
akm-img-a-in.tosshub.com/sites/indiatoday/recommend-js/ 18 KB
5 KB 38ms
36ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/indiatoday/recommend-js/check-this-out.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d7702751be66b31ff570444d09add9184c0e3e5075c940a99624852fae6163a

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 16oxLESiZ2QIvXhldyOS3QPJgrEg8jbp
content-encoding: gzip
etag: "8f958fe779dc401fb2cb976e1234103c"
x-amz-request-id: HAAPZRSM96XACYD6
x-amz-meta-cb-modifiedtime: Tue, 01 Jun 2021 10:49:06 GMT
x-amz-replication-status: PENDING
content-length: 4883
x-amz-id-2: vaTifa6+Vnah8cEPvVwXR+u8K7zMOh5FegjA0JbhvwasVkRLetO9Bhfpmqo9GfOIGCgNGr91MD0=
last-modified: Tue, 01 Jun 2021 10:49:21 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 js__EtEv8D-v9WkS6Ol7F1HQ9jp8pA0sa39LetxCwqM6QWo__hp6VCJ28cf3uz4CDUTdw_r9Ief6oBFikpp2OsdnLydU__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js Show response
akm-img-a-in.tosshub.com/advagg_js/ 98 KB
35 KB 15ms
13ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_js/js__EtEv8D-v9WkS6Ol7F1HQ9jp8pA0sa39LetxCwqM6QWo__hp6VCJ28cf3uz4CDUTdw_r9Ief6oBFikpp2OsdnLydU__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?sqTrktUO4lS5hAYm44nA2HYKfj3dCE8I
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8ed46006d6e5ea3a3cc755a42795c42ff4edeafd26ca246cf389fdf30d32da6

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: DlYdHOPz5Jp4672wf4_FNk3u8ELHpJwM
content-encoding: gzip
etag: "38cd16b84cb5cbb3bd9c15b19217c983"
x-amz-request-id: 39BA9532DF9A8695
x-amz-replication-status: COMPLETED
content-length: 35470
x-amz-id-2: 20XvhRF3lMr8b41JYgs2FP493WofLRSTK38xn/DtXTVIpfYHKdvDzg7/x4yEx0E1MU7YXC68Npc=
last-modified: Thu, 23 Aug 2018 16:02:40 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 itg_sso_login.js Show response
www.indiatoday.in/sites/all/modules/custom/itg_sso_reg/js/ 18 KB
4 KB 10ms
8ms Script
text/javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indiatoday.in/sites/all/modules/custom/itg_sso_reg/js/itg_sso_login.js?1630236601
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7d49fad697c6d394ef706765f423c812e60712a35871ee9b29c1bcbdb696c7ae

Request headers

:path: /sites/all/modules/custom/itg_sso_reg/js/itg_sso_login.js?1630236601
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indiatoday.in
referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:42 GMT
content-encoding: gzip
last-modified: Sat, 28 Aug 2021 07:02:44 GMT
server: Apache
etag: "4670-5ca992fd3aa90-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache
x-varnish: 636454293
x-cache-hits: 0
accept-ranges: bytes
x-backend: Yes
content-length: 4015
expires: Mon, 30 Aug 2021 13:06:42 GMT

GET
H2 200 video_preview.js Show response
www.indiatoday.in/sites/all/themes/itg/js/ 9 KB
2 KB 13ms
12ms Script
text/javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indiatoday.in/sites/all/themes/itg/js/video_preview.js?qykd1t
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: f27bbf3887ec697bd228302c8491ed0999ce63aec111aabb3fa95d31ed6c3477

Request headers

:path: /sites/all/themes/itg/js/video_preview.js?qykd1t
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indiatoday.in
referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:42 GMT
content-encoding: gzip
last-modified: Sat, 28 Aug 2021 07:02:47 GMT
server: Apache
etag: "2532-5ca9930009676-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache
x-varnish: 239534359 239534358
x-cache-hits: 1
accept-ranges: bytes
x-backend: Yes
content-length: 2176
expires: Mon, 30 Aug 2021 13:06:42 GMT

GET
H2 200 js__tWw4r4kgl7JaEcLF6JkzNer5gyzKTkhq2nFPT7AAX9U__TUp-TIcEV-64V_aLnUl93KEZ8MxmxNtIGzm2kKpg7a4__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js Show response
akm-img-a-in.tosshub.com/advagg_js/ 30 KB
9 KB 38ms
36ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_js/js__tWw4r4kgl7JaEcLF6JkzNer5gyzKTkhq2nFPT7AAX9U__TUp-TIcEV-64V_aLnUl93KEZ8MxmxNtIGzm2kKpg7a4__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?s__i9BgPjC0gwiM1cCYKTSGLO7h.ePLS
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0716b20eb5481f9ae782f3bafcc1a0ae2260d35af75448b9fbeaf0e665160803

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 5dIoE8I0UWItyrrohPjBe6w4OcLCs9U8
content-encoding: gzip
etag: "9c9f9a374037f8c75a9997fc95c4f326"
x-amz-request-id: P860CZKWXCYNHVGW
x-amz-replication-status: COMPLETED
content-length: 8264
x-amz-id-2: Bigv5T4UWj3C8NRzJG06GPNTXlcRxtR8TcFSmHCMNaLvS140muwzfQ8G/qHYuwSK4CuPZpKe+aU=
last-modified: Fri, 02 Jul 2021 22:27:44 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 js__ynF-Bpn2Vsq-5nNr6qQ2heHxcuFE2-eZNGPcDdFoXMs__D0Dxo6YjPd2PhBdb7_LbJi6R9WWY8GVzWYLNPx01Hxw__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js Show response
akm-img-a-in.tosshub.com/advagg_js/ 13 KB
4 KB 38ms
37ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_js/js__ynF-Bpn2Vsq-5nNr6qQ2heHxcuFE2-eZNGPcDdFoXMs__D0Dxo6YjPd2PhBdb7_LbJi6R9WWY8GVzWYLNPx01Hxw__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?qY3gYD0djoGkt986nXgf45HpBTLzQkCU
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31f2dcdfd6da8167beaef017fde8c556f65596a86aab18e531b02e9fd7d2a06c

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: K5w7AZFzWIyt9WJiwgZxdtiDDK71A9M.
content-encoding: gzip
etag: "c24afe7f40ee1e49341248beb15d7fdd"
x-amz-request-id: QDF6G4GKM194QB86
x-amz-replication-status: COMPLETED
content-length: 3591
x-amz-id-2: RiUC1UqE5YyiIgCW/xNreok0GyxEHvc93oNdBfEJ+/JRg6TVHlFb5QwbkEoNUA/mwH+9OlUS4F8=
last-modified: Tue, 22 Jun 2021 13:20:24 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 ads.js Show response
www.indiatoday.in/sites/all/modules/custom/itg_ads_blocker/js/ 92 B
369 B 16ms
15ms Script
text/javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indiatoday.in/sites/all/modules/custom/itg_ads_blocker/js/ads.js?qykd1t
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 35eaf713f65d9b7048a80b4cda42029f5c0e9897d1d4b3217941f7e5d392da5f

Request headers

:path: /sites/all/modules/custom/itg_ads_blocker/js/ads.js?qykd1t
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.indiatoday.in
referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:42 GMT
content-encoding: gzip
last-modified: Fri, 27 Aug 2021 15:12:09 GMT
server: Apache
etag: "5c-5ca8be8419de5-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache
x-varnish: 239304883 239304882
x-cache-hits: 1
accept-ranges: bytes
x-backend: Yes
content-length: 107
expires: Mon, 30 Aug 2021 13:06:42 GMT

GET
H2 200 js__SgRD05z97Js1tig_zyI9XCPudJ6ubsC7D2HMaYw9WVU__fEiop-8q0uPNIOqU54F__7IWU4vQmg3nD3coz8hsmWc__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js Show response
akm-img-a-in.tosshub.com/advagg_js/ 41 KB
9 KB 39ms
38ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_js/js__SgRD05z97Js1tig_zyI9XCPudJ6ubsC7D2HMaYw9WVU__fEiop-8q0uPNIOqU54F__7IWU4vQmg3nD3coz8hsmWc__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?WLc9_k0lEsnnACxZ6WX76hQe0S47IS4A
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddb1bb033cc441e901daf65cda888a50d5e04589b53f97e20759471d37d0276f

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 2CvrV.sz36Bb3gFylBXOVofO888lMeoo
content-encoding: gzip
etag: "65583a9a73f34bd44d97d9542293e337"
x-amz-request-id: 3P7G2X6PFTCRFQ8J
x-amz-replication-status: PENDING
content-length: 8367
x-amz-id-2: p9xtKkeQf8jXSU41mMzRgDS5Fvzf0qH7WDZXNxkitqElHMrYHjbzaMOmbaeMbxmbvD/vpc3tp7Y=
last-modified: Thu, 03 Dec 2020 13:09:57 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 showadcontent.js Show response
akm-img-a-in.tosshub.com/indiatoday/js/ads/ 2 KB
1 KB 40ms
38ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/js/ads/showadcontent.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95530131c74ba8c71ca69cf19ea8a23028528d709ba333021fc03d67ef750db7

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: HuX_OPhtTN0jHcBlOssK7foUsTackEqi
content-encoding: gzip
etag: "8721a77cf2218b9fe9904f76904f7c74"
x-amz-request-id: 8DC02CF2883FBBA0
x-amz-meta-cb-modifiedtime: Thu, 13 Dec 2018 07:49:24 GMT
x-amz-replication-status: COMPLETED
content-length: 689
x-amz-id-2: Wv/bbTeCspIvoESLoodOl7V1ofCnhjWcxvPEs2/pxUBdj/hNhEIa8TKlNj6WLCLnoWVHHB9RG3Y=
last-modified: Thu, 13 Dec 2018 07:49:36 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 js__gWKDi3tEYHplAve-FUAeYr3Z0U6vcClHOalw_E4q9Ik__LPTPbZZWvhK7v1vze94X_kVTnSFTtX8qGhBDMD-R_0E__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js Show response
akm-img-a-in.tosshub.com/advagg_js/ 198 KB
46 KB 40ms
39ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_js/js__gWKDi3tEYHplAve-FUAeYr3Z0U6vcClHOalw_E4q9Ik__LPTPbZZWvhK7v1vze94X_kVTnSFTtX8qGhBDMD-R_0E__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?OQ2j9XFEF14ERLXo1SEAzVKOHFPd_xQH
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcb52d20b27366c22cdb4c7a3a609e1f2225067837398582335c8df3fc06fcd4

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: _UvMXuYaCzgbGQ3C45BTMbWLabntuhnQ
content-encoding: gzip
etag: "fd6914e73a6a46cc4d576361d65e0add"
x-amz-request-id: K3BYMHPKXFKAN109
x-amz-replication-status: PENDING
content-length: 46742
x-amz-id-2: A9ilZFeTUgCvGDzZANVQUCDczgC7skDgV4le4qPRZBi9wkuK1JzXb3v4htx9VhZkjSPMUv9JawQ=
last-modified: Thu, 12 Aug 2021 13:14:57 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css
akm-img-a-in.tosshub.com/advagg_css/ 108 KB
20 KB 21ms
19ms Stylesheet
text/css 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/advagg_css/css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css?_LHlud16qe4UzbLEAnuIJhSIEmV.eOcc
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df1805daa3d52868f0c5248de4f25fa23f31d973d56fd965b71c426123578043

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: r9UQNzYuA3V.QJCiWtyFz6y1YcB2zHmJ
content-encoding: gzip
etag: "df490ae8ea0c8c724a8da2969a92fddd"
x-amz-request-id: QDFA53TRFPECDJ1A
x-amz-replication-status: COMPLETED
content-length: 20087
x-amz-id-2: GAFt/GuKjoFFGC2oNq3X4lumCaHEj9ibr4tsYor09H7jkYl4+Tsj8CZVOLXMtBTgYORVGuqkQgI=
last-modified: Tue, 22 Jun 2021 13:20:24 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: text/css
access-control-allow-origin: *
cache-control: public, no-transform, max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 gdpr_changes.min.js Show response
akm-img-a-in.tosshub.com/sites/common/js/gdpr/ 7 KB
3 KB 88ms
87ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_changes.min.js?v=1.0
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6edf3e83cbcec12731cf5e9640f27de793eb0b1d256fb3e2ce5769875f5f5016

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RtKDPr0vUGx538_43awislcy8NVFas1n
content-encoding: gzip
etag: "781d233508813ef8fc231c19e1175d6b"
x-amz-request-id: 63D1F2DC4637A205
x-amz-meta-cb-modifiedtime: Fri, 16 Aug 2019 11:24:56 GMT
x-amz-replication-status: COMPLETED
content-length: 2554
x-amz-id-2: FZ7SXUxez9A43iDqw7+ysVfsWD3ejWN/u3vKdq29W5IOqsardMJ+5GknGBBiZVPxqAUNhG36Ygc=
last-modified: Fri, 16 Aug 2019 11:25:59 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 lazysizes.min.js Show response
akm-img-a-in.tosshub.com/sites/all/themes/itg/js/ 7 KB
4 KB 89ms
87ms Script
text/plain 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/js/lazysizes.min.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f5f5b975713e589924e52a15a3a8e321472d949eed907d0c7dc6b391c69ff97

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: r4b6.axr16v44HDYyxZQNpy0TqNxjECc
content-encoding: gzip
etag: "d7333140b08bfe3546117d5ac5424a2f"
x-amz-request-id: D5112A5635F225FC
x-amz-replication-status: COMPLETED
content-length: 3144
x-amz-id-2: /fusYoN/iMO52knc782jYr4qttOvPq0DykjhP4OXDyNVPJkBNeh5w1/apXlsa/Zs+McumEYTpQQ=
last-modified: Tue, 05 Jun 2018 15:27:02 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1527598809/ctime:1527598807/gid:1000/gname:yatendra/md5:d7333140b08bfe3546117d5ac5424a2f/mode:33204/mtime:1527598807/uid:1000/uname:yatendra
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 47d5a439dc84bb1630674aaff9947baeeb5e6f90.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 129ms
24ms Script
application/javascript 2a02:26f0:6c00::210:ba61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/47d5a439dc84bb1630674aaff9947baeeb5e6f90.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4da47c3fe9000c278a15ca4899b708e438da86b842ec0b53e838a4e936aa2986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 07:25:12 GMT
server: nginx
etag: W/"601266d8-825"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7776000
date: Mon, 30 Aug 2021 13:06:42 GMT
akamai-cache-status: Hit from child
content-length: 866
x-xss-protection: 1; mode=block
expires: Sun, 28 Nov 2021 13:06:42 GMT

GET
H2 200 trinity-min.js Show response
akm-img-a-in.tosshub.com/sites/player/media/trinity/ 6 KB
3 KB 89ms
88ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/player/media/trinity/trinity-min.js?v=1.0
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39dab7647df019a6baed2fec9d2174a9bb991bf06b2060cd4dfc30482b50f7f8

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: U0e25ZLDtVbQy.wY7Jiiz4yapb00OD3U
content-encoding: gzip
etag: "63bbc5293c2eddc03332c598481b366b"
x-amz-request-id: RZXZYK33ZZXC745H
x-amz-meta-cb-modifiedtime: Mon, 19 Jul 2021 11:15:23 GMT
x-amz-replication-status: COMPLETED
content-length: 2186
x-amz-id-2: cnP3keDuR+Iq46A/5gaDtIBP88NUOEvsvLLpNyCqQHqOTztoFknITepjk4c23WcxX6e47xD7vh8=
last-modified: Mon, 19 Jul 2021 11:20:13 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 b6ei2kPYcFY Show response
www.youtube.com/embed/ Frame DA48 55 KB
23 KB 47ms
47ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/b6ei2kPYcFY

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d7bf3b6f408996fb52f5f4e67c814a5e4901bdfa4df519477a89f8d2290338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/b6ei2kPYcFY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Aug 2021 13:06:42 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=cFc9ulcCaBo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=8rlywy1B-QM; Domain=.youtube.com; Expires=Sat, 26-Feb-2022 13:06:42 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+593; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac5b7bf1982dfb6ed0569d666acda85b9e412f69509fba0f7c0f3a7150900fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 013bd25800eed573c7f17d08da8c3930f7c6829bc04647d102cbd4429152557f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77402456db05d95ddd30000591710ee9714f249c22320445f64e6b7042908b66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af5ffe2c662aa6b571393dbd836619aecfb1feb7215f6660fc8f0ebed48b91e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 838608a5ee9cdb569b2da3bcec6d43a5d8b16dd5e79c1e8237bf99527612e987

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 132ms
36ms Script
text/javascript 13.224.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-47.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 29
etag: "494b4c270c41c5456742136e682b1007"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 30 Aug 2021 13:06:14 GMT
x-amz-cf-pop: ZRH50-C1
content-length: 23861
x-amz-cf-id: oZj7RMtDDzNdlrGw2Xx4KFnQ2NJNou8aAbyElTgccF34OvbD_OqUuQ==

GET
H2 200 play-icon-r.png
akm-img-a-in.tosshub.com/sites/all/themes/itg/images/ 295 B
727 B 7ms
7ms Image
image/png 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/images/play-icon-r.png
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/advagg_css/css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css?_LHlud16qe4UzbLEAnuIJhSIEmV.eOcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28a407b7ac1524acf25b5af1c65ce1bee7387d1dc572a071ee08861c24362a53

Request headers

Referer: https://akm-img-a-in.tosshub.com/advagg_css/css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css?_LHlud16qe4UzbLEAnuIJhSIEmV.eOcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: w09NYFaspjGPpgdWoX49024Qr.RZ4bYI
etag: "8dd605b31d00b8a1e68f69dc3c0ef293"
x-amz-request-id: ABD26C621FBC6D30
x-amz-meta-cb-modifiedtime: Tue, 06 Nov 2018 10:12:45 GMT
x-amz-replication-status: COMPLETED
content-length: 295
x-amz-id-2: 3AVO9HvLy3xuVK8WK8zLyT3+c1KxiMxIBFGGPSL4uFuydVCRP5piBtNUo16j261KIYSEZb1l8ns=
last-modified: Tue, 06 Nov 2018 13:06:59 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
access-control-allow-methods: GET,POST,PUT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 sprite.png
akm-img-a-in.tosshub.com/sites/all/themes/itg/images/ 2 KB
2 KB 7ms
7ms Image
image/png 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/sites/all/themes/itg/images/sprite.png
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/advagg_css/css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css?_LHlud16qe4UzbLEAnuIJhSIEmV.eOcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8563b76291fd0181547f398e74c362b5a799b6d1f02de243014fbf6e76b4df55

Request headers

Referer: https://akm-img-a-in.tosshub.com/advagg_css/css__HLhcxgJ4KwfzRiYFhQnOxyF1uS_DwGKTfM3v-k3Yvto__cFronjVI1q_WtlAQJ9rJa2PSPP1J2r0ozfmC-JubxXo__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.css?_LHlud16qe4UzbLEAnuIJhSIEmV.eOcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RwVJQKN667DkiAKOLReaBUnr4ii1ztqp
etag: "9b4046458cd40c67f391d3026759ea9e"
x-amz-request-id: 08F3522632E9192C
x-amz-meta-cb-modifiedtime: Mon, 10 Jun 2019 08:07:27 GMT
x-amz-replication-status: COMPLETED
content-length: 1545
x-amz-id-2: 03LWQK6fiOzjy5Nn/Xg9nak8SNQddw3HhnPWW+S2/GpA+sfP2LZqf0I8QBdyQQLEyDpTZ9a6jsQ=
last-modified: Mon, 10 Jun 2019 08:12:18 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
access-control-allow-methods: GET,POST,PUT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5663
date: Mon, 30 Aug 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 30 Aug 2021 13:32:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 28ms
27ms Script
application/javascript 13.224.93.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-85.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 30 Aug 2021 12:47:00 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1183
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vfH8v8gKuYAdTi1tRZWVSREZWwWNsZ3FtqrNxGu1tP2FhWpofz104Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
45 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M57NDHZ

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4194627b35942acc33ab9a8cdc60e99a61f7abd3b5504c8aa6e41159f35febdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45897
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Aug 2021 13:06:42 GMT

GET
H2 200 flag.json Show response
akm-img-a-in.tosshub.com/indiatoday/customfile/ 12 B
508 B 34ms
33ms XHR
application/json 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/customfile/flag.json
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/advagg_js/js__EtEv8D-v9WkS6Ol7F1HQ9jp8pA0sa39LetxCwqM6QWo__hp6VCJ28cf3uz4CDUTdw_r9Ief6oBFikpp2OsdnLydU__GTHT59GM5lcASMnInNchTCFq1J7nVir3fCt8ablNO9o.js?sqTrktUO4lS5hAYm44nA2HYKfj3dCE8I
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: waNtVSjxNZDxXTCcMMrioGSZAXQvqQ61
content-encoding: gzip
etag: "d361e6b3f641788dace6707209d55a63"
x-amz-request-id: DAE4CDC57827F0D1
x-amz-meta-cb-modifiedtime: Tue, 21 May 2019 07:48:51 GMT
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 32
x-amz-id-2: isJuVjCEDosVw+ya71sbsuq7QltlJxIvaTPLg7Qo45gPumwMkUVsAk0tv3rjEJo3seATrwo1bOE=
last-modified: Tue, 21 May 2019 07:50:19 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:42 GMT

GET
H2 200 itgdtrackdata.js Show response
akm-img-a-in.tosshub.com/sites/common/resources/trackdata/min/ 5 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/common/resources/trackdata/min/itgdtrackdata.js?ver=1.8
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/common/resources/trackdata/min/itgdtracksdk.js?v=1.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 483c3804e8245beb901da2a4a797a564ced1f2c72bddbfeb4106ac4dd0aa4af0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: K1DGIsUmizRnLMMnREjq0YXiydLnEhYv
content-encoding: gzip
etag: "a1d6426efdec93913dba931e74927d9e"
x-amz-request-id: MTV9EV7BGJGB6PD4
x-amz-meta-cb-modifiedtime: Fri, 27 Aug 2021 07:24:15 GMT
x-amz-replication-status: COMPLETED
content-length: 1986
x-amz-id-2: Xa2aJCjc0YrAY/wfCxJOh7k4DiemsZy/ImseylqYpbb+q7t86dQNzomGo3CVj/Gjh/t1N8EDYtE=
last-modified: Fri, 27 Aug 2021 07:26:07 GMT
server: AmazonS3
date: Mon, 30 Aug 2021 13:06:43 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 getmixarticles Show response
recengine.intoday.in/recengine/it/ 5 KB
2 KB 651ms
589ms XHR
application/json 2a02:26f0:6c00:2a2::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://recengine.intoday.in/recengine/it/getmixarticles?utm_medium=web&no=8&utm_source=recengine&newsid=1770388&uid=
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/indiatoday/recommend-js/check-this-out.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a2::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1669795a66acecc6cbe96fd837a48e05d6b126cdd94a0bfe6f1bffea0803cee1

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: gzip
server: nginx
content-length: 1647
vary: Accept-Encoding
content-type: application/json

GET
H2 200 css
fonts.googleapis.com/ 11 KB
870 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93419375ace457303adcb19b0d23de96b1da646564073ce6935795b4458f9670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:03:09 GMT
server: ESF
date: Mon, 30 Aug 2021 13:06:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H2 200 gdpr_status.txt Show response
akm-img-a-in.tosshub.com/sites/common/js/gdpr/ 6 B
153 B 7ms
6ms XHR
text/html 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_status.txt
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/common/js/gdpr/gdpr_changes.min.js?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e82756cab7fba4593496e132a6e1c70ee5f6deaf020dfa4404ac2baf3aff5f3d

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Aug 2021 13:06:43 GMT
cache-control: max-age=1296000
expires: Tue, 14 Sep 2021 13:06:43 GMT
content-length: 6
access-control-allow-methods: GET,POST,PUT
content-type: text/html

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 171 KB
45 KB 9ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/47d5a439dc84bb1630674aaff9947baeeb5e6f90.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d1938bba77cf602c2959ec0ae4df46dde7d0435c4f39952598cd6b345119ad61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 14:09:55 GMT
server: nginx
etag: W/"6124fdb3-2aa96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7776000
date: Mon, 30 Aug 2021 13:06:43 GMT
akamai-cache-status: Hit from child
content-length: 45305
x-xss-protection: 1; mode=block
expires: Sun, 28 Nov 2021 13:06:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2890228c1bd894f4cb3ebb7bf81f53d78053b93fcec008bf7ed69e233ef82909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "973 / 651 of 1000 / last-modified: 1630321926"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25286
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/528656c7/ Frame DA48 328 KB
45 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 12:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 174849
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46217
x-xss-protection: 0
expires: Sun, 28 Aug 2022 12:32:34 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/528656c7/www-embed-player.vflset/ Frame DA48 193 KB
64 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 151082
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65344
x-xss-protection: 0
expires: Sun, 28 Aug 2022 19:08:41 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame DA48 2 MB
498 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 331307
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510079
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/ Frame DA48 8 KB
3 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 368
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 30 Aug 2022 13:00:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DA48 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 265513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 11:21:30 GMT

GET
H2 200 Screenshot_2020-03-16_at_12.10_1_1200x768.png
akm-img-a-in.tosshub.com/indiatoday/images/story/202102/ 41 KB
41 KB 273ms
272ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202102/Screenshot_2020-03-16_at_12.10_1_1200x768.png?Vj_FnAFMUEco2q72cWZeTmusOAAHdQDl&size=770:433
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 96c46f63519793705c8d837a734e2d323d378a40ca02bf3d5fd160b8042c3d28

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Thu, 18 Feb 2021 05:09:35 GMT
server: Akamai Image Manager
etag: "47450e4cd0b685aa3026654912a3afbc"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 41926
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 gettyimages-1234877212-594x594_1200x768.jpeg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 2 KB
2 KB 61ms
60ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/gettyimages-1234877212-594x594_1200x768.jpeg?size=88:50
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: b2b7366dc2a8c6752f1b5e0fb5c51cabb08a7c465a961afb407bfb737777a864

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Fri, 27 Aug 2021 05:47:31 GMT
server: Akamai Image Manager
etag: "dc561c5eb66e404f099e49b6ba0ad7ea"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 2274
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 sonu_sood_kejri.jpg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 1 KB
2 KB 62ms
61ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/sonu_sood_kejri.jpg?size=88:50
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c0e5b9503ac83288a5e6931fdeb3e654593c5b99cd95db8b58d1e83dd72ebd55

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-check-cacheable: YES
x-serial: 463
etag: "c2370995eb7540e33eb8a028442167c4"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Fri, 27 Aug 2021 05:49:03 GMT
content-length: 1422
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 Hamid-Mir-opinion_0.jpg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 2 KB
2 KB 62ms
61ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/Hamid-Mir-opinion_0.jpg?size=88:50
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 059bd43db1b50962404fe0a0e4ed7987c60c81c4e93b05db7687c08b4329e3cb

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Fri, 27 Aug 2021 05:49:01 GMT
server: Akamai Image Manager
etag: "cbd53df93f533751389a4bd9d638aa91"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 1564
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 Black_hole_1.jpg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 988 B
1 KB 61ms
60ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/Black_hole_1.jpg?size=88:50
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f430ecdfe43bb2643f880c4d6ba74489e25aea3b43e4b46c078feb3d7569dc86

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Fri, 27 Aug 2021 05:49:00 GMT
server: Akamai Image Manager
etag: "010667e4f33cdd40d6d1c8390779a58a"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 988
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likel...
https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20like...

64 B
330 B

87ms
87ms

Image
image/gif

13.224.93.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20-%20Technology%20News&c7=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&c9=
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-85.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ubDVRjipnUnn549GooNqj1pa_FnQRJWLagERoyI3ov_LBv9c_BlnQw==

Redirect headers

date: Mon, 30 Aug 2021 13:06:43 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8549097&ns__t=1630328803213&ns_c=UTF-8&cv=3.5&c8=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20-%20Technology%20News&c7=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&c9=
content-length: 449
x-amz-cf-id: pkOuB2GSH4nBhcYXAIXPLp5FhWU332mkZgULHnegxnTc1ucZapTqtw==

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.indiatoday.in
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:23:16 GMT
x-content-type-options: nosniff
age: 521007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:23:16 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.indiatoday.in
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 280078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.indiatoday.in
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:32:47 GMT
x-content-type-options: nosniff
age: 160436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:32:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.indiatoday.in
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 178501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
26 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=773671035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&ul=en-us&de=UTF-8&dt=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful%20-%20Technology%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1949964890&gjid=2126981705&cid=1790186727.1630328803&tid=UA-795349-17&_gid=2033296984.1630328803&_r=1&_slc=1&cd1=Ankita%20Chakravarti&z=1065422807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 90 B
567 B 379ms
322ms Script
text/javascript 2600:9000:2190:8c00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_cgwzd2EvhB7X2XUsBd2N6joitydwu3OS&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:8c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

a2c460f0ddd84fe2afacef93bc950d5c464f09d7f5c17cbe9e347ee978831d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-NteytQcCiROsAn3xMrnBnYgVilE"
x-amz-cf-id: 6S-noM76OH9yet5klMAJYyqIPTlhkoUN4sPMT-Fnk6_qmuID-0u3bA==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 101 KB
40 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-N6LMVBH&t=gtm4&cid=1790186727.1630328803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

054f8116efea609f6f3a586399bee9925e5abe6a9d2f833f7087b6c29fd049d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40567
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H2 200 cssp.js Show response
akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/ 97 KB
30 KB 67ms
66ms Script
text/plain 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f15ad02b2ddf09e38a5a8b555d56f3df517799a276bc3c50cadbb6b2b8ef1bf2

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 8dspjT3Q9QgyWM17QDX0EDUJvQvOmeVv
content-encoding: gzip
etag: "e0e5020156288e92205ce8d558436c0d"
x-amz-request-id: WTK8G6M5GWEQWC2E
x-amz-replication-status: COMPLETED
content-length: 30436
x-amz-id-2: TkLPcR4qLacv7myOwJAS68cpUwEXbncGe+JAbzYGCvA948w9NlIeHITxQ1htekT87EWnWrX1IgE=
last-modified: Thu, 03 Jun 2021 06:43:26 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:media/uname:media/gid:1003/mode:33188/mtime:1593701832/atime:1622670054/md5:e0e5020156288e92205ce8d558436c0d/ctime:1593701832
date: Mon, 30 Aug 2021 13:06:43 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:06:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 64ms
64ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-795349-17&cid=1790186727.1630328803&jid=1949964890&gjid=2126981705&_gid=2033296984.1630328803&_u=YEBAAEAAAAAAAC~&z=316167984

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 Aug 2021 13:06:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 79ms
78ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-795349-17&cid=1790186727.1630328803&jid=1949964890&_u=YEBAAEAAAAAAAC~&z=1730144789

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
79ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-795349-17&cid=1790186727.1630328803&jid=1949964890&_u=YEBAAEAAAAAAAC~&z=1730144789

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021082501.js Show response
securepubads.g.doubleclick.net/gpt/ 330 KB
116 KB 87ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bb74cc8e45d1408e44d42285d7c37a61cb1e79b7b700349757649e38a2e94350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 08:38:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118226
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 249 B
792 B 87ms
17ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.indiatoday.in

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

eae042efcf0e9067ef285b37c4fa7f6d00286f7e538191ea55063e7fba98d237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DA48
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

31ms
27ms

XHR
application/json

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c3ac617d284e3ef9696643ce105356ec51cdbe72134b62f811407873d7622a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DA48 29 B
424 B 62ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 12:57:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 525
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:12:58 GMT

OPTIONS
H2 200 tp2
recengine.intoday.in/collector/com.snowplowanalytics.snowplow/ Frame 0
0 60ms
59ms Preflight
text/html 2a02:26f0:6c00:2a2::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 2a02:26f0:6c00:2a2::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.indiatoday.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html
content-length: 366
date: Mon, 30 Aug 2021 13:06:43 GMT
access-control-allow-origin: https://www.indiatoday.in

POST tp2
recengine.intoday.in/collector/com.snowplowanalytics.snowplow/ 0
0

GET
H2 200 efidwq Show response
recengine.intoday.in/recengine/info/ 28 B
255 B 184ms
166ms XHR
application/json 2a02:26f0:6c00:2a2::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://recengine.intoday.in/recengine/info/efidwq
Requested by: Host: akm-img-a-in.tosshub.com
URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a2::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 04be4f23e1135a2993e7a58d5e23a4868f331c1c9cd3f09482f054ac0006f4d7

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.indiatoday.in
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 28
expires: Mon, 30 Aug 2021 13:06:44 GMT

OPTIONS
H2 200 efidwq
recengine.intoday.in/recengine/info/ Frame 0
0 218ms
217ms Preflight
text/html 2a02:26f0:6c00:2a2::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://recengine.intoday.in/recengine/info/efidwq
Protocol: H2
Server: 2a02:26f0:6c00:2a2::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.indiatoday.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 0
server: nginx
allow: GET, POST, OPTIONS, HEAD
access-control-allow-headers: content-type Content-Type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
expires: Mon, 30 Aug 2021 13:06:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Aug 2021 13:06:43 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.indiatoday.in

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame DA48 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0341aa2b26637f24e2643104996111beb5fb458194480df74f5c24ee2fe5204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 18:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 154800
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29766
x-xss-protection: 0
expires: Sun, 28 Aug 2022 18:06:43 GMT

GET
H3-29 200 EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js Show response
www.google.com/js/th/ Frame DA48 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:43:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13425
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 01:43:49 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame DA48 24 KB
7 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 331307
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7286
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
DATA 200
OK truncated
/ Frame DA48 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLS4_98Jcug9HTj0Be7bPhIJOBc3mB2MUaQNO0G40Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DA48 5 KB
5 KB 33ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLS4_98Jcug9HTj0Be7bPhIJOBc3mB2MUaQNO0G40Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c6f548056f9346966b4d8ecd6fb653e82f1ddf15a069eff89a47ae3e6b030b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 11:14:31 GMT
x-content-type-options: nosniff
age: 6732
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4847
x-xss-protection: 0
server: fife
etag: "v146"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Aug 2021 17:23:52 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/b6ei2kPYcFY/ Frame DA48 48 KB
48 KB 18ms
17ms Image
image/webp 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/b6ei2kPYcFY/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/b6ei2kPYcFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3208ac84538abaa27d8232c60be8bf35c007f7293679b0d1f7f0843fd055ec45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1613140967"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48788
x-xss-protection: 0
expires: Mon, 30 Aug 2021 15:06:43 GMT

GET
H2 200 left_arrow1.png
smedia2.intoday.in/businesstoday/1.0.5/resources/css/images/ 1 KB
1 KB 95ms
19ms Image
image/png 104.111.232.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smedia2.intoday.in/businesstoday/1.0.5/resources/css/images/left_arrow1.png
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f492ff7030f71bd12ddde06d1749dc68ac7ac63fce65aa2d971a2ba9342434e8

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Tue, 03 Jul 2018 09:58:03 GMT
server: nginx
etag: "5b3b48ab-484"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1296000
accept-ranges: bytes
content-length: 1156
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 right_arrow1.png
smedia2.intoday.in/businesstoday/1.0.5/resources/css/images/ 1 KB
1 KB 94ms
21ms Image
image/png 104.111.232.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smedia2.intoday.in/businesstoday/1.0.5/resources/css/images/right_arrow1.png
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 274a5643f4ea2a5c7bfba15de58afd4df05f5262ee299f6986c607261ca49067

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Tue, 03 Jul 2018 09:58:02 GMT
server: nginx
etag: "5b3b48aa-47a"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1296000
accept-ranges: bytes
content-length: 1146
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 windows_11_laptops_0-170x96.jpeg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 4 KB
4 KB 43ms
41ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/windows_11_laptops_0-170x96.jpeg?tFw9klcPz.7eulHuuUg5X1SYzLRyPHoI
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f519b28bd0a84d6cf29f5aba1802e0a8dafffd3d9467eb5c76460ffcd9ac6ccd

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Mon, 30 Aug 2021 11:30:55 GMT
server: Akamai Image Manager
etag: "13efeee8a746296d8f57e71c7be677dc"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 4130
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 RTX8NZDF_0-170x96.png
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 9 KB
9 KB 38ms
36ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/RTX8NZDF_0-170x96.png?8h7FumZj_LBql6NBWCPFQwle7EVn966F
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 95241a0cf0b3616e54e6e0be6a3e86db2485372450f70652ed048826e334b600

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-check-cacheable: YES
x-serial: 1157
etag: "ecd5bea4fba74e5e587a4f02b1363de3"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Thu, 26 Aug 2021 07:44:31 GMT
content-length: 8932
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 RTX95YCC-170x96.png
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 2 KB
2 KB 63ms
61ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/RTX95YCC-170x96.png?KFRqxtwkoP59QIsq4xuJ8VghfiKmbBVm
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 9daada51e01782d9b5d940d57536c8878bbdf16ab254c08432d70921d7f69cd0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-check-cacheable: YES
x-serial: 676
etag: "1f0c1b9b06244d79d64430c1955ad0e8"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Sat, 28 Aug 2021 12:07:13 GMT
content-length: 2126
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 Screenshot_2020-03-16_at_12.11_3-170x96.png
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 7 KB
7 KB 81ms
80ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/Screenshot_2020-03-16_at_12.11_3-170x96.png?NXcSQAk.RKojfgMn3Y.5e2cqOklGwVR7
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 05d9a5b9f15a7b3fd593bf6656fab8bb7dc416e788c0e92381063d8685a09516

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
last-modified: Fri, 27 Aug 2021 03:35:07 GMT
server: Akamai Image Manager
etag: "35f45fdd1a97a5d260879cf1bc096aac"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
content-length: 6920
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 dead_1_1-170x96.jpeg
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 3 KB
3 KB 77ms
77ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/dead_1_1-170x96.jpeg?AZq0EeqA2SKr4Iqr7nSsHjuZhiOP6PLD
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 745f70cea91e86ae22b178cfac973b375a750dabbe9afde5b93fa050c96b01b2

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-check-cacheable: YES
x-serial: 19
etag: "984c2258a6b802a83ebb3412a825c2f6"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Wed, 25 Aug 2021 14:14:10 GMT
content-length: 2840
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H2 200 Screenshot_2021-08-25_at_5.50.-170x96.png
akm-img-a-in.tosshub.com/indiatoday/images/story/202108/ 4 KB
5 KB 79ms
79ms Image
image/webp 2a02:26f0:7100:1b1::1ac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akm-img-a-in.tosshub.com/indiatoday/images/story/202108/Screenshot_2021-08-25_at_5.50.-170x96.png?ZC6HEO9_aEucIQq_M_H19oVO_UgIG0j2
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b1::1ac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 13544bd60f8b90223472b35619803208c9a0f5ebb0ce3106dc46a7f045b2ff31

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
x-check-cacheable: YES
x-serial: 746
etag: "d6fa582d4fc7e44a41d7ff38bebfe95a"
access-control-allow-methods: GET,POST,PUT
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1296000
last-modified: Wed, 25 Aug 2021 12:22:12 GMT
content-length: 4454
server: Akamai Image Manager
expires: Tue, 14 Sep 2021 13:06:43 GMT

GET
H/1.1 200
OK fmm.js Show response
saxp.zedo.com/asw/fmm/821/ 0
365 B 167ms
166ms Script
application/x-javascript 52.9.74.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://saxp.zedo.com/asw/fmm/821/fmm.js?n=821&tt=8&r=129&c1=2044&s1=2&d1=54&ct1=cat:Technology,TechnologyStory,Story,1770388&c2=2044&s2=2&d2=31&ct2=cat:Technology,TechnologyStory,Story,1770388&mi=1270&pi=1,2&z=0.7527811786375829&pu=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&ru=&zpu=www.indiatoday.in____1_&tpu=&ad_calls=
Requested by: Host: saxp.zedo.com
URL: https://saxp.zedo.com/sclient/tt3/fmos.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.74.67 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-74-67.us-west-1.compute.amazonaws.com
Software: Zedo4G /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Content-Encoding: gzip
Server: Zedo4G
Vary: Accept-Encoding, Accept-Encoding, User-Agent
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Connection: keep-alive
Content-Type: application/x-javascript;charset=UTF-8
Content-Length: 20

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 711 B
5 KB 124ms
35ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11350&site_id=30246&zone_id=903646%3B903636%3B917306%3B903654&size_id=2%3B15%3B15%3B2&alt_size_ids=%3B%3B10%3B&eid_pubcid.org=7e5a4c9d-807c-4ec4-8392-ec86fa2835cb%5E1&rf=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&tg_i.pbadslot=1007232%2FIndiatoday_ROS_ATF_728x90-300x250%3B1007232%2FIndiatoday_ROS_ATF_300x250%3B1007232%2FIndiatoday_ROS_MTF_300x250%3B1007232%2FIndiatoday_ROS_BTF_728x90-300x250&tg_i.dfp_ad_unit_code=1007232%2FIndiatoday_ROS_ATF_728x90-300x250%3B1007232%2FIndiatoday_ROS_ATF_300x250%3B1007232%2FIndiatoday_ROS_MTF_300x250%3B1007232%2FIndiatoday_ROS_BTF_728x90-300x250&tk_flint=pbjs_lite_v4.25.0&x_source.tid=c04f8ad7-88c2-4d13-a55e-db9294a8fa27%3B4c48a757-49d0-4cc4-bb20-8afbbfbc2edd%3Bf0899042-088d-4952-89c8-51815d6a0f63%3B3db8ec4a-a324-407a-ba16-dbd324a79112&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=4&rand=0.5714334794022762
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e241c405d64783e323c3c2254cb5769a59f8d19101255e3cc55355fd22059262

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.indiatoday.in
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 711
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
374 B 151ms
64ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=266125&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226c88aa6ebecb9e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227c04919bfd97ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22266125%22%2C%22sid%22%3A%225%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2287bd938e63507c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22266126%22%2C%22sid%22%3A%226%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229cadf06e29ef4d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22266127%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210e76fd2acd3683%22%2C%22ext%22%3A%7B%22siteID%22%3A%22266127%22%2C%22sid%22%3A%227%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22119442dd73e43fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22266129%22%2C%22sid%22%3A%229%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 81542e48f819747ee06c1943f1a8f4e3c9c21208d8d6847897a6c1d39e2ea065

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.indiatoday.in
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Mon, 30 Aug 2021 13:06:44 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
699 B 102ms
51ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d97843bf-10cb-45fb-a1bb-b79aa27e7bf7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.indiatoday.in
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 18 KB
8 KB 243ms
192ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3d49e0af018a39be1bc17da23ae814d7ee84f2b25084a779e71ec4b37dd8022

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.indiatoday.in
date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 59ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.indiatoday.in
date: Mon, 30 Aug 2021 13:06:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 138ms
96ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.indiatoday.in
date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 open Show response
api2.branch.io/v1/ 272 B
587 B 225ms
176ms XHR
application/json 2600:9000:2190:9600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2afdfcaa2a1a8e41bd64613dc1c84ae5a33357e13d81de8a8e5dc6bc7733e6da

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: e03a67bdfd694b0b86ba3084ad3ac2fa-2021083013
content-length: 272
x-amz-cf-id: YfF3B8Kboy7NlZQZLALk5CvgSaD9aQCv5DVs9V8SL3PNT6Jngn-XdQ==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DA48 4 KB
2 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:44 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame DA48 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?6BmAEg
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/b6ei2kPYcFY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 17F1 281 B
554 B 77ms
54ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.indiatoday.in/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KSYNOC8L-1W-1OS; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4WPGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=; vis2=30246^1; audit=1|hLZGFuTafB360K6nW9DAaEXCma7a0HRK3gerHkdQ2/BrMLBByc4yi0xVn6dlIgt019czo9pVdTkmGweUluV0N0uEjxpNessgpmvllXEtYN4=; ses15=; vis15=30246^1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Aug 2021 13:06:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FD67 52 KB
17 KB 102ms
20ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.indiatoday.in/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 31 Aug 2021 13:06:46 GMT
Date: Mon, 30 Aug 2021 13:06:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 41C8 38 KB
14 KB 21ms
21ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=111200
expires: Tue, 31 Aug 2021 20:00:04 GMT
date: Mon, 30 Aug 2021 13:06:44 GMT
vary: Accept-Encoding

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
390 B 331ms
331ms XHR
application/json 2600:9000:2190:9600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f733b07b6cd44ab2a3c33574f8e35bee-2021083013
content-length: 28
x-amz-cf-id: LPRqu-ndUDDjNMLPyZVEnzt6Qe8u54kRVb52RUq3cgzTmX1IXf1PLw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.indiatoday.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
20ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.indiatoday.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 696 KB
119 KB 1072ms
1054ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2825322213698349&correlator=1020727828449649&output=ldjh&impl=fifs&eid=31062141%2C31062395%2C44748552%2C31062297&vrg=2021082501&ptt=17&sc=1&sfv=1-0-38&ecs=20210830&iu_parts=1007232%2CIndiatoday_ROS_ATF_728x90-300x250%2CIndiatoday_ROS_ATF_300x250%2CIndiatoday_ROS_MTF_300x250%2CIndiatoday_ROS_BTF_728x90-300x250%2CIndiatoday_ROS_Innovation_1x1%2CIndiatoday_ROS_1_Innovation_1x1%2CIndiatoday_Teads_1x1%2CIndiatoday_ROS_MTF_1_300x250-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F8&prev_iu_szs=728x90%2C300x250%2C300x250%7C300x600%2C728x90%2C1x1%2C1x1%2C1x1%2C728x90%2C728x90&prev_scp=pwtsid_pubmatic%3D25e90635f0ff4db%26pwtbst_pubmatic%3D1%26pwtecp_pubmatic%3D0.02%26pwtsz_pubmatic%3D728x90%26pwtsid%3D25e90635f0ff4db%26pwtbst%3D1%26pwtecp%3D0.02%26pwtpid%3Dpubmatic%26pwtpubid%3D156066%26pwtprofid%3D551%26pwtverid%3D39%26pwtsz%3D728x90%26pwtplt%3Ddisplay%7Cpwtsid_pubmatic%3D26f91d09846477a%26pwtbst_pubmatic%3D1%26pwtecp_pubmatic%3D0.02%26pwtsz_pubmatic%3D300x250%26pwtsid%3D26f91d09846477a%26pwtbst%3D1%26pwtecp%3D0.02%26pwtpid%3Dpubmatic%26pwtpubid%3D156066%26pwtprofid%3D551%26pwtverid%3D39%26pwtsz%3D300x250%26pwtplt%3Ddisplay%7Cpwtsid_pubmatic%3D27730d4b3984964%26pwtbst_pubmatic%3D1%26pwtecp_pubmatic%3D0.02%26pwtsz_pubmatic%3D300x250%26pwtsid%3D27730d4b3984964%26pwtbst%3D1%26pwtecp%3D0.02%26pwtpid%3Dpubmatic%26pwtpubid%3D156066%26pwtprofid%3D551%26pwtverid%3D39%26pwtsz%3D300x250%26pwtplt%3Ddisplay%7Cpwtsid_pubmatic%3D286491950c29bd7%26pwtbst_pubmatic%3D1%26pwtecp_pubmatic%3D0.02%26pwtsz_pubmatic%3D728x90%26pwtsid%3D286491950c29bd7%26pwtbst%3D1%26pwtecp%3D0.02%26pwtpid%3Dpubmatic%26pwtpubid%3D156066%26pwtprofid%3D551%26pwtverid%3D39%26pwtsz%3D728x90%26pwtplt%3Ddisplay%7Cpwtsid_pubmatic%3D29f49d88a3a3aea%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D30887aef5af715%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D31520041273881%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Ccategory%3DTechnology%2CTechnologyStory%2CStory%2C1770388%2Cindiatoday-story-loop-0%26pwtsid_pubmatic%3D234996abdff2192%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Ccategory%3DTechnology%2CTechnologyStory%2CStory%2C1770388%2Cindiatoday-story-loop-1%26pwtsid_pubmatic%3D242bfa37f04e179%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cust_params=category%3DTechnology%252CTechnologyStory%252CStory%252C1770388%26keywords%3Dwhatsapp%252Cwhatsapp%2520link%252Cwhatsapp%2520malcious%2520links%252Cwhatsapp%2520image&cookie_enabled=1&bc=31&abxe=1&lmt=1630328804&dt=1630328804383&dlt=1630328802539&idt=1430&frm=20&biw=1600&bih=1200&oid=3&adxs=215%2C1050%2C1050%2C215%2C0%2C0%2C215%2C215%2C215&adys=444%2C248%2C3172%2C4853%2C0%2C1%2C1495%2C1876%2C2443&adks=1937186414%2C1177974948%2C3854210177%2C3031796962%2C2867671329%2C3548145748%2C3569411820%2C1812924482%2C1812924861&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x0%7C368x322%7C368x72%7C1170x106%7C1600x5473%7C1600x5473%7C770x1%7C770x-1%7C770x-1&msz=770x0%7C300x-1%7C300x0%7C1170x90%7C1x-1%7C1x-1%7C1x-1%7C770x-1%7C770x-1&ga_vid=1790186727.1630328803&ga_sid=1630328804&ga_hid=773671035&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4&ohw=0%2C0%2C0%2C0%2C0%2C0%2C770%2C770%2C770&btvi=0%7C0%7C1%7C2%7C0%7C0%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

de7cbf67ddf22756d36e14e8c1a4fdcebd37495e98d66ca786fbe08f34a17094

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPLi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2441951840195814638/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrQi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17274917367902316614/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzMi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5164962102243330542/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPLi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2441951840195814638/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrQi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/17274917367902316614/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzMi4ro2PICFaDQuwgd1GoEnA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5164962102243330542/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
google-creative-id: -1,-1,-1,138213484816,-2,138334194178,-2,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121700
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,4452361371,-2,5560399839,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 30 Aug 2021 13:06:45 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.indiatoday.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C98E 6 KB
3 KB 92ms
58ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 13:06:44 GMT
expires: Tue, 30 Aug 2022 13:06:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C7EC 2 KB
1 KB 105ms
20ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.indiatoday.in/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 30 Aug 2021 13:06:44 GMT
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 41C8 2 KB
3 KB 59ms
59ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45974978&p=156066&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f0af455a63e4a968054fbd32b7f327a292dcf011711e5e2c31fba07ec498b6c4

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 17F1 31 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 494455bc5f6ad4feafabd56c73a3b0c9797b8392924b7af85dffd80182f29177

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34729
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Mon, 30 Aug 2021 22:45:33 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame FD67
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

125ms
114ms

Script
text/html

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f7c7f8c1-796b-4799-8033-5d609c0f570b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9eab206c-099f-485a-a033-648137608177
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 1B77
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53

35 B
468 B

61ms
60ms

Document
image/gif

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 30 Aug 2021 13:06:44 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=8943234531672203657; expires=Fri, 29 Oct 2021 13:06:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 30 Aug 2021 13:06:44 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Thu, 30 Sep 2021 13:06:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D731
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096

42 B
211 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53; chkChromeAb67Sec=1; DPSync3=1630368000%3A174%7C1631491200%3A197_219_201; SyncRTB3=1630886400%3A223%7C1631577600%3A35%7C1631491200%3A161_56_21_13_7_54_3_220; PUBMDCID=3; KRTBCOOKIE_57=22776-1732472909786184169; PugT=1630328804; KRTBCOOKIE_80=22987-CAESEO2n1WCyPD3-c6HpWP6nPYw&KRTB&16514-CAESEO2n1WCyPD3-c6HpWP6nPYw&KRTB&23025-CAESEO2n1WCyPD3-c6HpWP6nPYw; KRTBCOOKIE_27=16735-uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&KRTB&16736-uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&KRTB&23019-uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&KRTB&23114-uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78; SPugT=1630328803; KRTBCOOKIE_391=22924-8371353742125682364&KRTB&23263-8371353742125682364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 30 Aug 2021 13:06:44 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-2446312806791468096; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 29-Sep-2021 13:06:44 GMT; path=/ PugT=1630328804; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 29-Sep-2021 13:06:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Nov-2021 13:06:44 GMT; path=/
x-lat: lhrpug018:0:399
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2446312806791468096
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 66CE 43 B
338 B 148ms
53ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Mon, 30 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1215
date: Mon, 30 Aug 2021 13:06:44 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9bEb7s7NSfCj6XG2ff_NUw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

41ms
41ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=152580
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 01 Sep 2021 07:29:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec18612c-d7e4-4900-99ce-413fa884080a

0
260 B

85ms
18ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec18612c-d7e4-4900-99ce-413fa884080a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec18612c-d7e4-4900-99ce-413fa884080a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 41C8
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=978b51e72caaa335a1a55453f68a3d6d

35 B
248 B

15ms
15ms

Image
image/gif

51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=978b51e72caaa335a1a55453f68a3d6d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-1.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Mon, 30 Aug 2021 13:06:44 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=978b51e72caaa335a1a55453f68a3d6d
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjVCMTFCRUUtQ0VDRC00OUYwLUEzRTktNzFCNjdERkZDRDUz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

142ms
58ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:443
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO2n1WCyPD3-c6HpWP6nPYw&google_cver=1

42 B
283 B

143ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO2n1WCyPD3-c6HpWP6nPYw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:1259
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO2n1WCyPD3-c6HpWP6nPYw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 41C8 43 B
611 B 95ms
19ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 29 Aug 2021 13:06:44 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8371353742125682364

42 B
235 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8371353742125682364
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:449
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8371353742125682364
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&gdpr=0&gdpr_consent=

42 B
341 B

56ms
47ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:479
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:37cc612c-d7e4-4d00-bfef-8354bcd4aa78&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea9b75a2-7487-404b-8c28-7d896bf3020c

42 B
295 B

36ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea9b75a2-7487-404b-8c28-7d896bf3020c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:474
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ea9b75a2-7487-404b-8c28-7d896bf3020c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1732472909786184169&gdpr=0&gdpr_consent=

42 B
289 B

92ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1732472909786184169&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:396
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7fd9d44c-5844-4ac4-bb77-774174d55dd5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1732472909786184169&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 41C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F5B11BEE-CECD-49F0-A3E9-71B67DFFCD53&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OK7oRh9E2uU5BdwGHE.kpMNqxNtQEjA-~A&gdpr=0&gdpr_consent=

0
48 B

15ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OK7oRh9E2uU5BdwGHE.kpMNqxNtQEjA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OK7oRh9E2uU5BdwGHE.kpMNqxNtQEjA-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 3442
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

89ms
88ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 824d3a8d825c6ce58fe2fe8b7772a4652e966866afb0ea89a78f4da6814212e3

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YSzX5Er6Xvpd2x-Bjo.98wAA; CMPS=5182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|191|41|13|8
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1687
Expires: Mon, 30 Aug 2021 13:06:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
Connection: keep-alive
Set-Cookie: CMID=YSzX5Er6Xvpd2x-Bjo.98wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 13:06:44 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 13:06:44 GMT CMPRO=1208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 13:06:44 GMT CMRUM3=27612cd7e40b40&e6612cd7e42760&0d612cd7e405a0&f1612cd7e405a0&2d612cd7e405a0&08612cd7e405a00&29612cd7e405a0&bf612cd7e405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 13:06:44 GMT CMST=YSzX5GEs1+QA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:06:44 GMT

Redirect headers

Server: Apache
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 30 Aug 2021 13:06:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
Connection: keep-alive
Set-Cookie: CMID=YSzX5Er6Xvpd2x-Bjo.98wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 13:06:44 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 13:06:44 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 17F1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YSzX5AAEDBP4wgAC
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YSzX5AAEDBP4wgAC&_test=YSzX5AAEDBP4wgAC

0
239 B

44ms
28ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YSzX5AAEDBP4wgAC&_test=YSzX5AAEDBP4wgAC
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630328805.803117,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YSzX5AAEDBP4wgAC&_test=YSzX5AAEDBP4wgAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 17F1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0N2ZlNzU4ODA4NmU1NGQ1ZTM1ZTRjZmQzNDJmMjRiZDY1YWQ4ZQ

170 B
188 B

19ms
18ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0N2ZlNzU4ODA4NmU1NGQ1ZTM1ZTRjZmQzNDJmMjRiZDY1YWQ4ZQ

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE0N2ZlNzU4ODA4NmU1NGQ1ZTM1ZTRjZmQzNDJmMjRiZDY1YWQ4ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 17F1 0
0 83ms
54ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 17F1 70 B
265 B 85ms
73ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 17F1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/yjO89Ccobo5Dg0iRZ5hFfA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1330311211377205161

0
239 B

24ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1330311211377205161
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

date: Mon, 30 Aug 2021 13:06:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1330311211377205161
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 17F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPlFVh-rhoLhm-tnBHpYi_g&google_cver=1

0
239 B

105ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPlFVh-rhoLhm-tnBHpYi_g&google_cver=1
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPlFVh-rhoLhm-tnBHpYi_g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 17F1
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSYNOC8L-1W-1OS&sigv=1&esig=2~700448d825ecd26bea618c57baaabc13cec9f1d4

0
447 B

24ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSYNOC8L-1W-1OS&sigv=1&esig=2~700448d825ecd26bea618c57baaabc13cec9f1d4

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSYNOC8L-1W-1OS&sigv=1&esig=2~700448d825ecd26bea618c57baaabc13cec9f1d4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 17F1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=752c612c-d7e4-4c00-9c58-26f78da7c49e

0
239 B

60ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=752c612c-d7e4-4c00-9c58-26f78da7c49e
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=752c612c-d7e4-4c00-9c58-26f78da7c49e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 30 Aug 2021 13:06:43 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3442
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&dcc=t

43 B
645 B

102ms
102ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 92YPFDRJBSSG9SP44N4K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 916AV9PKVF01MX041GN3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3442
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSzX5Er6Xvpd2x_Bjo-98wAABLgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI6yEPfeJo3ngbJuJc_OyaY&google_cver=1

43 B
315 B

28ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI6yEPfeJo3ngbJuJc_OyaY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 30 Aug 2021 13:06:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI6yEPfeJo3ngbJuJc_OyaY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3442 70 B
264 B 54ms
52ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3442
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSzX5Er6Xvpd2x-Bjo.98wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFf8XjsZCXIy8-EDHer2Ovg&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFf8XjsZCXIy8-EDHer2Ovg&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 13:06:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFf8XjsZCXIy8-EDHer2Ovg&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 3442 43 B
253 B 4681ms
4654ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:49 GMT
via: 1.1 google
last-modified: Mon, 30 Aug 2021 13:06:49 GMT
server: nginx/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Mon, 30 Aug 2021 13:06:50 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 3442 43 B
408 B 54ms
19ms Image
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:44 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-5
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3442
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a62204023d4233d8c2946a&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a62204023d4233d8c2946a&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 13:06:45 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a62204023d4233d8c2946a&expiration=[EXPIRATION]&gdpr=1
Date: Mon, 30 Aug 2021 13:06:45 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3442
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ad796912-fd4d-4eb2-8162-812fddfec88c&expiration=1661864805

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ad796912-fd4d-4eb2-8162-812fddfec88c&expiration=1661864805
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 13:06:45 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ad796912-fd4d-4eb2-8162-812fddfec88c&expiration=1661864805
date: Mon, 30 Aug 2021 13:06:45 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3442 43 B
425 B 21ms
20ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YSzX5Er6Xvpd2x-Bjo.98wAA%261208
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.indiatoday.in/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 13:06:44 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1452
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 13:30:56 GMT

POST
H/1.1 200 607.json Show response
id5-sync.com/g/v2/ 213 B
535 B 41ms
9ms XHR
application/json 54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/607.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

b549c6d1fbfe2d1c36d5a00f1802a87b0af140ba4d5db9067de1d24da224cece

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.indiatoday.in
Date: Mon, 30 Aug 2021 13:06:44 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 77 B
829 B 107ms
37ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c7fa1f61076bcc4053d47d41a9a7f691e9be8e28fc17dcbd8f30698f46607943

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:45 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache
x-server: 10.45.4.230
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
677 B 44ms
44ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: cfc383841a587087e5c47526dd227cd99d5330f9794f98ab8dee24f3449c9116

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 30 Aug 2021 13:06:45 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.indiatoday.in
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Wed, 29 Sep 2021 13:06:45 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FD67 0
731 B 19ms
18ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:45 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5b751188-b2bc-43b9-99ed-15b1f907fc0c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame A24C 188 KB
55 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 402700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame A24C 13 KB
5 KB 81ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame A24C 89 KB
28 KB 84ms
51ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame A24C 4 KB
2 KB 85ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame A24C 40 KB
13 KB 86ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
DATA 200
OK truncated
/ Frame A24C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ab56e55da484681849e44704329d420e1d44738f223d48f9522a021340af27

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9182581167222441231
tpc.googlesyndication.com/simgad/ Frame A24C 19 KB
19 KB 9ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9182581167222441231?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmFu2uyzSizoo2z527-LFPOSG48BQ

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a67b1ff9017612b0437ce4736a69a6c252b6bd8706f10f20139b8e8777a26c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 13:21:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 17:22:59 GMT
server: sffe
age: 171906
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
expires: Sun, 28 Aug 2022 13:21:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A24C 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 7352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A24C 295 B
399 B 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 18538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 31 Aug 2021 07:57:47 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A24C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOjYSA2H6jh0ycnjrSRs3B7CElm25ZYQ_2fYDbK0P4-6luk-shfQWfM_MIJDXE5W9QCrBT
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A24C 0
0 33ms
33ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce6C25NcsYa3IIKCh7_UP1NWR4Amen_LhZOH99aGoDvqrwLiWFxABIKz8pwVglfrwgYwHoAGT1LjkA8gBAuACAKgDAcgDCKoE0gJP0Ge_FlOH6dZhQt_b-5yRV7cEbfIJQIS_2nXETSXJsZE4Zr4sKcld7H7xzMOXWXZ1BAzihDwQZB-YAQeMQAdYX9IR1o0e_nuRrPS6JyvDux1EreePFb89qE4-q97_y2Kc-1YCjsOh1e8r3CnY7Tk-O9VGSixuxHS1cKgViSBKWyLlqyquit6xUjNZgswvOEbFmggFkSzXSp6QgIPoo2LtDp_xVe2iFUfJKe1yuxU6bkUuW_ZQjjrAzVrTxho4jCSCIXv7S50COk1RiEFVlQMKN-Rgxq4RGVWkDHvKHE5JdflpJn1qveoi0cck4_eRpCsbB7aNn29qN9PKJcPhe3np2V8JQO_5ET1Tv_qmJdwz6k8D0C0J-dmAHMR0ALVvQ-sGiCzWyqYIsXmUaT6Ju3qzFe9e_ESO2wDS3BxdPwUjc1L8yCaUCnQPV1ebZ1Q6B1ZW7cAEntih3rgD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9WrxxuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEELjUJNIICQiA4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNzkzNzIwNTM0NTczNDcyGND3BQ&sigh=X-2crstN9w4
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC4A 6 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 13:06:44 GMT
expires: Tue, 30 Aug 2022 13:06:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A45D 6 KB
3 KB 16ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 13:06:44 GMT
expires: Tue, 30 Aug 2022 13:06:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1AC6 0
0 87ms
87ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkNudheg2181TZn35JxBrsXgsOTceNzV9n1x0rNiDBSbLi_SxGbUTpxo0OZQrKXSFJGKi_BDsLJA-ybwDV1pZ-SW_J9GN3puCYXgQEvqIuj4j3MdGq57M2eMkQ_Bs8UK-mDOmyZhppb0NbQ9-nMH05SfKEyG8zHi8wdaDlU37I4ePiZITxHGFzLoYJTaO8bi-kA-0-K7QVDLwAAUKN2Cfl_SSp44v5sTpRg_vi157rbOwXNhjZH6Eg83wUTKyTQ7NzwZIuKfKbkwPu5TIWZUWPF6ZrSnpYescwGI31-WYIO8yN63LwWT3YEXnsFXaRzHd8pVGwt5j2tExsREV7CQ&sig=Cg0ArKJSzPuHqjctEyrgEAE&urlfix=1&adurl=

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 AdDisplayTrackerServlet Show response
pr.ybp.yahoo.com/ab/secure/true/imp/C0--QVH06DBZv49hlI3bosqh1ubCuliOq4CeJlFTcs_UVMP6sR4wKXz8upc4SZcxmsn1yArHy3BY8CdZD2K4QD0BsJ9Dtjvvnq_Ob4cX32ddxlMcNp9UBozDWK5DzFcMjKliP86vbyFe4X3JVDh8AEE50lPzmIYng... Frame 1AC6 3 KB
4 KB 83ms
67ms Script
text/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/ab/secure/true/imp/C0--QVH06DBZv49hlI3bosqh1ubCuliOq4CeJlFTcs_UVMP6sR4wKXz8upc4SZcxmsn1yArHy3BY8CdZD2K4QD0BsJ9Dtjvvnq_Ob4cX32ddxlMcNp9UBozDWK5DzFcMjKliP86vbyFe4X3JVDh8AEE50lPzmIYngp6jxPnHqR-_3jM5juo3OonQN5cY9M20kP8TEP_YYLXw-V8JX28LWqNm6mxLmCrLVgZ5g6XrtMGcw2JMv6AypJtO9NdTQLuTUAnmFOcY2SmIU5vpZdYGAWBV3Qx-tCmUL8Zw8kzVi_cZQVtBHKdCwjpYnBMdFQ8E2dodV_rXKwi6CuSxHh2nTtoSyKWzojlqv7nvV_iJZLeH5kLAd7wdTECFNJK-t9xyeNWlVPeOnaYKEjGgBTbrDWazUi8oVlpRetzcOsKQzmEOgLg2kteXqhA6e6yHYtJ7oU7-kqr202_g4MSVK2McuF9B-tkxYU8LCiVsO1ifvUJkx4yHOAOGVnrGtkwrRIxZ93TwleRemOn1eF6joPzvp9Q62ibL6xz87EsUO7Pmfrl6Sd9qYLPlYgYAc8s-ILYqYRSVECv6DuN9Gza6h5cE7k5OKskuwPYNYqQZrCiIAOW4xAWDKJlmQ0NvL--RH81XsEkryti-O2yGujBzEWozNPuC9aPf05lU4SNfPcN2bxpc7WommAy_MvMbdetesbNwuESTR9Frl88_Jm52pYgNx9kM6RdH6giw5PSvpfnkiN0qd4zFsP40oXOt61IQbdD4AZOKpc1I7yAtl8E7tufxWh-_pT_XtPWUTyEDhds-g8saJtIhXH7L4moqEPAUJDFt4DShiJafRPaXmhwiHw7KyqjIh8sGUsEFKlIsTDvaiAOvR_9TVy87yTWfkjzCiKAPHXUSAJUSKY9lRwAhUsAj5UDJWxZIFmy_WRUZscjIhCk5zCK67Sgpb3LKQ3IWfAg2AHpPSi59U4xF6fnZrZAnlyLwZfKwz2vbQzeMSiiloK8-EyNmECL2Xzgn2BrZ2jSMBgqHnV2AvQtumQ37oYphaGtjKZoML8Der5xgkjuMIFiNwUh5zUXOX_y7bPUBgzTMT30gbMje1PvbDL2AiKmQulf2HzdLOaAwoeOcNloiEm4K2rnn6XG8hlyFa6vGoWD1gmnC4H_AYQ0uYx_PDXAFPyt7B0yDyvaVHWmYUzKDOUw0FeiahJ7G85UT7eVBliUexNvrPE2I7D7rBGF-c5KZ8h83eZLSVhfC_gLxptnGugi2kDwFFHxEyc9jalP7Ln35R5atH86gNN6w7KLpiP7i-ImUVRRzIt5HS3Zk2iVUt4Juo6hBm_362sqK-j_McB7JJYL0vPkJT1WnHxUzrRTtxLLAN3uEpJGAY6Gi0w5EmhSZ8Dq1A4leAtyPDebcupTlSNEfik1sDG0dsLdVy82jjBTq8Y6OnQY2Id30SkzofTuuZ4kmLOPEe6ozp-nWlhhz3UCLT2NeUnuJKt3Tz6-qPBd3PJ433Xb20z-YstCRkL-3viTthRYxSJ6dmAJFKJJZUVK0MjLXPln22tU2wvOXow6QdhtK8RtdfFy8Rc-aMs3MRBdMFlz1CKAj--9HLbMb/wp/0.017974/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjA2NiZzaXRlSWQ9MjQ2OTUwJmFkSWQ9MTMxODk1NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjMwMjYmY3JlYXRpdmVJZD0wJnVjcmlkPTEwOTg2MTUxNzg0NTI5NzU1NjE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTM1N0Y0RjMxLTQ5QUEtNDdEMC1BMUVGLTg0MEY0OTQ0OEU0RSZwYXNzYmFjaz0w_url=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f63034bbac6c5a2d24802147bcdc5cc4b32800f72cb349b0f8dcbc01b5e6cfe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:45 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: text/javascript
x-xss-protection: 1; mode=block
expiry: Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length: 2856
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AC6 122 KB
37 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:45 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1053 0
0 81ms
80ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWwxy5CDeOdVCqpcnewK7CDFpxCM3HZrWXPPsQFdAb8SaaSklGuIQsGQ63usdpdNGW7cbaHY9HMvMarf5YSUqOgv7LWH8_znPV23eEDaLC9LHF7HwdAgfoGfkXblddv4KLZznSXGvczSzH2Hz9dFRI2Sqa2CmN71c8okQ2Ay-TwS7ly6FndJHdejWPZSSY028TkhkOeQcd16MbLssuGZjRaM3BnZesDTcLBIdRlIa8Rh47jan2Q5zUdLdqX9tjIewUttZ4Rq3231BrAT3gOamVwMuNyNRsDbGPM8k9f5zywucsLYqHdUrWm4JjLLf7g0_tOu7dx2MhqgmDO4A&sig=Cg0ArKJSzM45I-vWp_qsEAE&urlfix=1&adurl=

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 generic.js Show response
pubs.contextads.live/indiatoday/indiatoday/ 3 KB
1 KB 167ms
59ms Script
application/javascript 2600:9000:2190:1600:a:5b2c:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubs.contextads.live/indiatoday/indiatoday/generic.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1600:a:5b2c:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5df8ad61558fc5728c7dd28848b2f4fc38ffeb528a42ea7fb2b4eb1be3ad4ab6

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 01:37:45 GMT
content-encoding: gzip
last-modified: Fri, 15 Jan 2021 08:04:33 GMT
server: AmazonS3
age: 42056
etag: W/"7ca2a2384eb697efbcd1802af1564f3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: eXzsmO0F9ZHiL1H5RS61YowhFyE31-0V0MrP4c96b1r1BPq3qD5Dkg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1053 122 KB
37 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:45 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 5E19 188 KB
54 KB 90ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 402700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 21:15:05 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5E19 13 KB
5 KB 163ms
85ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5E19 89 KB
28 KB 111ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5E19 70 KB
16 KB 107ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16652
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b7d23c40180897d5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5E19 4 KB
2 KB 110ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5E19 40 KB
13 KB 82ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 403609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:59:56 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E19 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 7352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E19 295 B
320 B 10ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 18538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 31 Aug 2021 07:57:47 GMT

GET
DATA 200
OK truncated
/ Frame 5E19 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 759fb2193fd993f0eac20a1a53ab9ac00864252d9df5de2ac5769cc0e6dfc953

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bg01.jpg
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 16 KB
16 KB 81ms
11ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/bg01.jpg

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559a6caed49e1b529438fc571ab4695267f37a8feaa1a637890c2ba3f806784d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:04:19 GMT
x-content-type-options: nosniff
age: 190946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16425
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:04:19 GMT

GET
H3-29 200 txtSprite.png
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 43 KB
43 KB 81ms
12ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/txtSprite.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28a8ed74cfc119903c4916aa2fd971c138c473dec9b08468ca97426cf55fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
age: 219975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44404
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 00:00:30 GMT

GET
H3-29 200 bg02.jpg
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 32 KB
32 KB 88ms
18ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/bg02.jpg

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85f11c352afbcbcbaec42b29dcc7516f3d273c78845be7a9f8cdb92b1d98083e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:34:17 GMT
x-content-type-options: nosniff
age: 178348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32277
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:34:17 GMT

GET
H3-29 200 bg02_mask.png
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 20 KB
20 KB 87ms
15ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/bg02_mask.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4ea6a282ae7eea92926ea411896161acce7aba0463808e1d4b61f2bca20c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 15:35:38 GMT
x-content-type-options: nosniff
age: 163867
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20187
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 15:35:38 GMT

GET
H3-29 200 bg03.jpg
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 10 KB
10 KB 87ms
16ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/bg03.jpg

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c564a6caa9531a7875bc67b5a6b10468cfe08b5538f3dcf43c4a3f4ba9a941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:25:07 GMT
x-content-type-options: nosniff
age: 160898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10448
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:25:07 GMT

GET
H3-29 200 legal.png
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 2 KB
2 KB 88ms
17ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/legal.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8293e4207ab19f5a73cab24e05e84b383b83c74bf88c71a4932b6e9e98d072fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 13:37:18 GMT
x-content-type-options: nosniff
age: 170967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2053
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 13:37:18 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 2 KB
2 KB 87ms
17ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/cta.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

488e74c17bee2b3fd5dbf2f2539fc12469a3616549f70c5a9a86251595741105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 00:00:31 GMT
x-content-type-options: nosniff
age: 219974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1736
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 00:00:31 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/ Frame 5E19 2 KB
2 KB 87ms
16ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/369956883246289280/Honda_Jazz_Conversion_MT_Comfort_728x90_DCM/logo.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d87f2487c1947c1f207bfc1f1bec122f29e3913ae121d3a5e80c4b04bfbef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 22:40:32 GMT
x-content-type-options: nosniff
age: 483973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2353
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 22:40:32 GMT

GET
H2 200 container.html Show response
e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C4F 6 KB
3 KB 20ms
5ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 30 Aug 2021 13:06:44 GMT
expires: Tue, 30 Aug 2022 13:06:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 100ms
17ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156066&purl=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&tst=1630328806&iid=bdf15541-d81c-4ae9-8641-a2820365426e-eendd&bidid=286491950c29bd7&pid=551&pdvid=39&slot=div-gpt-ad-1507709583969-3&pn=pubmatic&en=0.02&eg=0.02&kgpv=%2F1007232%2FIndiatoday_ROS_BTF_728x90-300x250%40728x90%3A0&piid=357F4F31-49AA-47D0-A1EF-840F49448E4E
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 30 Aug 2021 13:06:45 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5E19 0
0 71ms
51ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9azKqY_8RILFIrGHLMRXNriYjDeo394qNrGWZGNmBawRtjNWoJxfqtMkGJhuRJHcCEE5J
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5E19 0
0 103ms
28ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1G8p5NcsYY_NIKCh7_UP1NWR4An6jvTjZKSY5YDPDsCNtwEQASCs_KcFYJX68IGMB6ABn9K1twHIAQmpAtFGU9rOy7M-4AIAqAMByAMIqgTZAk_Q2otXye_uiOHvsGqXyPGLliy8QvYT2KlvtyKEtL2XyW_G4-0-sRLTnRIpVpKioY9lOcty6Gn2_7PcLUDabOjboX04I07UPGpoGgDQJEsH_qxvS1tbQ4WoXX07Pi2RH9cnpEl8SGQU-bsyv2l51WqX45C_2uFxVgBvK1WE7EyNti5ZfWDcgDfgAqtHU-NDBQgpO7ZRSarDCG8xnwQom2fHNsF6rbMd6V3eys81RzDKITfPVxyrY2nqZM9-2GkASVKuiGquzQ5TGHlaEN6YYHuJp4Arza-N-7Td8yHnwunpvPL0ENjAiV6G-4F6v2udfnECWEJRcbzsNdUssIbdGA6MbIiADfZrdNrug2JMuwHm8G3MkCosY1qGLHYm-CpoY0XJMUskph65r7LCfkyAS4E1TrD2CgLyqXMH7dyVeELzqqdXROHNy2Y1IhX15HRj2BMEtnlwpNGTWcAE9JKWytED4AQBkgUECAQYAZIFBAgFGASgBi6AB8mtysgCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDNggjSCAkIgOGAcBABGB2ACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzc5MzcyMDUzNDU3MzQ3MhjQ9wU&sigh=YhvT2F0CEwg&template_id=419
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 103ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:45 GMT

GET
H2 200 inside-20.js Show response
cdn.js7k.com/rq/iv/ Frame 1AC6 27 KB
9 KB 11ms
9ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside-20.js

Requested by

Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/C0--QVH06DBZv49hlI3bosqh1ubCuliOq4CeJlFTcs_UVMP6sR4wKXz8upc4SZcxmsn1yArHy3BY8CdZD2K4QD0BsJ9Dtjvvnq_Ob4cX32ddxlMcNp9UBozDWK5DzFcMjKliP86vbyFe4X3JVDh8AEE50lPzmIYngp6jxPnHqR-_3jM5juo3OonQN5cY9M20kP8TEP_YYLXw-V8JX28LWqNm6mxLmCrLVgZ5g6XrtMGcw2JMv6AypJtO9NdTQLuTUAnmFOcY2SmIU5vpZdYGAWBV3Qx-tCmUL8Zw8kzVi_cZQVtBHKdCwjpYnBMdFQ8E2dodV_rXKwi6CuSxHh2nTtoSyKWzojlqv7nvV_iJZLeH5kLAd7wdTECFNJK-t9xyeNWlVPeOnaYKEjGgBTbrDWazUi8oVlpRetzcOsKQzmEOgLg2kteXqhA6e6yHYtJ7oU7-kqr202_g4MSVK2McuF9B-tkxYU8LCiVsO1ifvUJkx4yHOAOGVnrGtkwrRIxZ93TwleRemOn1eF6joPzvp9Q62ibL6xz87EsUO7Pmfrl6Sd9qYLPlYgYAc8s-ILYqYRSVECv6DuN9Gza6h5cE7k5OKskuwPYNYqQZrCiIAOW4xAWDKJlmQ0NvL--RH81XsEkryti-O2yGujBzEWozNPuC9aPf05lU4SNfPcN2bxpc7WommAy_MvMbdetesbNwuESTR9Frl88_Jm52pYgNx9kM6RdH6giw5PSvpfnkiN0qd4zFsP40oXOt61IQbdD4AZOKpc1I7yAtl8E7tufxWh-_pT_XtPWUTyEDhds-g8saJtIhXH7L4moqEPAUJDFt4DShiJafRPaXmhwiHw7KyqjIh8sGUsEFKlIsTDvaiAOvR_9TVy87yTWfkjzCiKAPHXUSAJUSKY9lRwAhUsAj5UDJWxZIFmy_WRUZscjIhCk5zCK67Sgpb3LKQ3IWfAg2AHpPSi59U4xF6fnZrZAnlyLwZfKwz2vbQzeMSiiloK8-EyNmECL2Xzgn2BrZ2jSMBgqHnV2AvQtumQ37oYphaGtjKZoML8Der5xgkjuMIFiNwUh5zUXOX_y7bPUBgzTMT30gbMje1PvbDL2AiKmQulf2HzdLOaAwoeOcNloiEm4K2rnn6XG8hlyFa6vGoWD1gmnC4H_AYQ0uYx_PDXAFPyt7B0yDyvaVHWmYUzKDOUw0FeiahJ7G85UT7eVBliUexNvrPE2I7D7rBGF-c5KZ8h83eZLSVhfC_gLxptnGugi2kDwFFHxEyc9jalP7Ln35R5atH86gNN6w7KLpiP7i-ImUVRRzIt5HS3Zk2iVUt4Juo6hBm_362sqK-j_McB7JJYL0vPkJT1WnHxUzrRTtxLLAN3uEpJGAY6Gi0w5EmhSZ8Dq1A4leAtyPDebcupTlSNEfik1sDG0dsLdVy82jjBTq8Y6OnQY2Id30SkzofTuuZ4kmLOPEe6ozp-nWlhhz3UCLT2NeUnuJKt3Tz6-qPBd3PJ433Xb20z-YstCRkL-3viTthRYxSJ6dmAJFKJJZUVK0MjLXPln22tU2wvOXow6QdhtK8RtdfFy8Rc-aMs3MRBdMFlz1CKAj--9HLbMb/wp/0.017974/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1NjA2NiZzaXRlSWQ9MjQ2OTUwJmFkSWQ9MTMxODk1NyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjMwMjYmY3JlYXRpdmVJZD0wJnVjcmlkPTEwOTg2MTUxNzg0NTI5NzU1NjE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTM1N0Y0RjMxLTQ5QUEtNDdEMC1BMUVGLTg0MEY0OTQ0OEU0RSZwYXNzYmFjaz0w_url=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a31442d9d6f498b61a68b22c8063b860617a864e743bcdff181b079292c619b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11888
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 8521
x-amz-id-2: Gy65VbsF5K7BiIW4zSxALX8eCFAlcTWoeqg7mfNhRtiOFeutHDU1bhGFfGxTayR1AAyf8d0OhyU=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Aug 2021 16:14:58 GMT
server: ATS
etag: "aed6caf8791417339bbd32bf06b70920-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: WYDWXAS8KVFXBJ8W
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 567e1bd0-2b47-4760-a28b-e3dfffe39886.jpeg
s.yimg.com/ch/ Frame 1AC6 40 KB
40 KB 11ms
9ms Image
image/jpeg 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/567e1bd0-2b47-4760-a28b-e3dfffe39886.jpeg

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f0a28722be3f40377b1cda5a061b131b2ad035d70a9a1d455852381fdf44bfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 23 Aug 2021 07:27:32 GMT
x-content-type-options: nosniff
age: 625154
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 40751
x-amz-id-2: NlUaCVhXLjBwWfFo3ubixys9FxOcWWiyNlp1IP+OAsxLFGK026r3HR4pZQADpiG2j1dhgyq40vk=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Jul 2021 14:59:45 GMT
server: ATS
etag: "7cc25be2d4925186a3c42560ca70ab60"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 8SXMH4C5CXC5AHGC
x-xss-protection: 1; mode=block
cache-control: max-age=15552000, public
x-amz-version-id: null
accept-ranges: bytes
content-type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 1053 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7136f197657da2899b7984a725c366545772b1d4829cdef14c207aa9d8b2540

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1053 0
0 74ms
32ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAeILjvp76bkh8f-5ek50VnotJuBXvC0lS6zz4zReBcSujn3uuRC7JrrxkhWYKaxQE0OdxwN5arESW2IrzbXCiRrSPfhEAqCZXWMYaWCBxuhNvN1gheQcFL-sIjYszSPchN4C4UdWkCMDSSoan7gIaAEWWQZfIFaBbjN33EBLRGzFyI6vWlY0yHqbGFEyFDw2c2waDZsis6eu-VyMhIGigxPxqzl-Fkonw6sOR8h7lZJegCW5SAADSGsJ0G8vBCNFBWOIU5NNwIHmpGXoHxmdUQz4JuwTbWve-ksg4GdEVj6gOlVsJ4nydNyiakZb4MKYBoDTp8-VXVpYYYdOVoQ&sig=Cg0ArKJSzLzKEK2iVJPaEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 1AC6 565 B
802 B 11ms
10ms Image
image/png 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 04 Aug 2021 05:10:47 GMT
x-content-type-options: nosniff
age: 2274961
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 565
x-amz-id-2: 3Au32HduB4x7OzFjE7iU06s4vi8LXOd7xbb6oIEbtwjjYzCzvk9CxpGdaqEhp00hvmdCtKH/X3g=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
server: ATS
etag: "349bad1100a940608cb9109eb2b166a2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: QYRKTPZYE9PJRQF7
x-xss-protection: 1; mode=block
cache-control: max-age=15552000, public
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DA48 28 B
299 B 31ms
30ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/b6ei2kPYcFY
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs4cmx5d3kxQi1RTSjir7OJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630328803561&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C770%2C463&vis=1&wgl=true&ca_type=image&bid=ANyPxKpt3EeVM7_KUW-j4fxWBEAIdaVxtq0IH_fz6NjunibwNf9lUhg2TSsqlOe2bdkDOMLxbEfWVXgUgRhg40S1t30Cbgi9lg

Response headers

date: Mon, 30 Aug 2021 13:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A24C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

67ms
63ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 30 Aug 2021 13:06:46 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 impulse.js Show response
impulse.contextads.live/main/ 34 KB
10 KB 76ms
39ms Script
application/javascript 2600:9000:2190:a600:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/main/impulse.js
Requested by: Host: pubs.contextads.live
URL: https://pubs.contextads.live/indiatoday/indiatoday/generic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:a600:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2e7fdfb4ecc4fcf13bc4b887025f4cafdff3469da030d0deeead6dbb15a3995

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 21:39:32 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 11:07:04 GMT
server: AmazonS3
age: 55635
etag: W/"025ce32545b5704a570f0201be497457"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: thsziXU_Albc-zYcr5-r6ZzQ344GD9qkYoq2I2WOjp2ExgNtwfE78g==

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ Frame A39A 1 KB
610 B 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f261ca5780d552373f77c179417a2d9a3c2dc79ad146de512409b6f5efd3a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5164962102243330542/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 577
date: Thu, 26 Aug 2021 13:26:22 GMT
expires: Fri, 26 Aug 2022 13:26:22 GMT
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 344424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7319 0
0 46ms
45ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV9Yd5NcsYezKIKCh7_UP1NWR4An9qIfjZOXI-r-YDorRo-2-ARABIKz8pwVglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE3QJP0DjGo7zD5SpxKtZlWus5ZOBGhvuhC6a32jQc4Yj1V_bOIJ03BqpqwOaWmem2ZK6xIXvgsLWsmDfRX2JybW4RYrmv2O-eul2pmkKwtiuFulKWxS5iW6m_m8v6D9Y5qjPUhBssqSq6jT7Xa_2f7yfGmIgI4OfZAEi8IODagW3BlcJFm6dcWJWYLzB_OKTq3U3KN7J5sf2KgoJHWrEI661DdPM6KKkpsot0A4Eg3z0Kp_o47mx1mJri2_YrHdysmlM4C6TgFIrAPJjpCairXR_PrVYvx0Wc2I8uGtmXh9h4CrlU2FsHvtEDFibpNmRdRowQu5p2jis3-mCbiFE-WSMfi2a_s47RKPos_EhG6VJbl15AggrtpL0FZOhK3_gIhKvihltDOuW4qbtLqoU4KaNttav21MW2RfMHVCXKRMslm0EIk2VUrdmyz_pVzTPYxpY4Qy5hBNqYaqUgqiOnwASJj_6-3APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8761rgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEELSJDdIICQiA4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNzkzNzIwNTM0NTczNDcyGND3BQ&sigh=OyRHK6acZdU&template_id=419
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 7319 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 7319 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7319 122 KB
37 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 7319 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:03 GMT

GET
H3-29 200 9182581167222441231
tpc.googlesyndication.com/simgad/ Frame A24C 19 KB
19 KB 9ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9182581167222441231?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmFu2uyzSizoo2z527-LFPOSG48BQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a67b1ff9017612b0437ce4736a69a6c252b6bd8706f10f20139b8e8777a26c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 13:21:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 17:22:59 GMT
server: sffe
age: 171907
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
expires: Sun, 28 Aug 2022 13:21:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A24C 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 7353
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A24C 295 B
329 B 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 18539
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 31 Aug 2021 07:57:47 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ Frame A585 1 KB
612 B 13ms
11ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f261ca5780d552373f77c179417a2d9a3c2dc79ad146de512409b6f5efd3a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2441951840195814638/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 577
date: Sat, 28 Aug 2021 19:06:08 GMT
expires: Sun, 28 Aug 2022 19:06:08 GMT
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C53F 0
0 30ms
30ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQuck5NcsYdPJIKCh7_UP1NWR4An9qIfjZP3P-r-YDorRo-2-ARABIKz8pwVglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE3QJP0GJ_AnNrv34yHPbH2q1KTWClTu7lulBRxiWfrH5XjF-V0vORPjcaG63m0k0QcRgDk7JHGaGb6WFgdCxWu4kkchDZYoCo-bXTOn9-5s7VueLbaS9S7EhzZUjr_C7seTLVyL_3h-iy31jY1mkyD_pL-dJMCkOscvBNdunU8iyjzyp3EJm1Um7J6qotCeqLDLfm5l5C3hiw93XiMljqZFPI6-xr3cc71uFDG_XR9nJBktNwPcDjcWk1axTwtc8M2CFgXNkEKbVAUciukFwHlN_Lsg6iUJqloefXZ_i9X2OjRj_FBn7VJfolGCEWd3z9DglDBeBYGeq9g1D4MiYoAY82VDU0ltwjPfa1j0N9xSPM2IFNmQhYJlUEk5MIaVs4jMULhiFtkqjN4UPi0zhoMuefSDYh0q5xFBZ7G-C0HMCPqiJmsS5mlhPMakJo1qP1n6nwIYRhge81e3tXHL15wASJj_6-3APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8761rgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEENiOINIICQiA4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0zNzkzNzIwNTM0NTczNDcyGND3BQ&sigh=QrY5g4rPE5E&template_id=419
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame C53F 18 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame C53F 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C53F 122 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame C53F 14 KB
6 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:03 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C53F 0
0 18ms
16ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRylW90uX3AkbPCbUS4A_zqZV8EgWc6UsBDv1igE8AEeM_PrejxKvV00WFONG4SpmGLwiRF
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6883 38 KB
14 KB 51ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=111198
expires: Tue, 31 Aug 2021 20:00:04 GMT
date: Mon, 30 Aug 2021 13:06:46 GMT
vary: Accept-Encoding

GET
H2 200 AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame 448A 0
61 B 48ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156066&siteId=246950&adId=1318957&adType=10&adServerId=243&kefact=0.017974&kaxefact=0.017974&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1630328804&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.017974&dcId=3&tldId=0&passback=0&svr=BID22428U&adsver=_742816556&adsabzcid=0&cls=BID&ekefact=5NcsYdukAgBI1rvYD1zGfEwgpoOgfJwZbABvfR2VqILPOSNC&ekaxefact=5NcsYeakAgCpwpAuiWtkj-eTfx2o-6bjfQ32HBcaDZvH8L73&ekpbmtpfact=5NcsYfCkAgCjuY2k9_kV4iYR8juR9--Q3lV3IFR8fD4w0FKe&pfi=1&dc=AMS&pubBuyId=32802&crID=3565478&lpu=pramac.com&ucrid=10986151784529755618&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=4&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=BCE742DF-0EB5-4DF1-9E79-79AAE8B17A71&imprId=357F4F31-49AA-47D0-A1EF-840F49448E4E&oid=357F4F31-49AA-47D0-A1EF-840F49448E4E&cntryId=58&pageURL=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&sec=1&pAuSt=3
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: aktrack.pubmatic.com
:scheme: https
:path: /AdServer/AdDisplayTrackerServlet?operId=1&pubId=156066&siteId=246950&adId=1318957&adType=10&adServerId=243&kefact=0.017974&kaxefact=0.017974&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1630328804&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.017974&dcId=3&tldId=0&passback=0&svr=BID22428U&adsver=_742816556&adsabzcid=0&cls=BID&ekefact=5NcsYdukAgBI1rvYD1zGfEwgpoOgfJwZbABvfR2VqILPOSNC&ekaxefact=5NcsYeakAgCpwpAuiWtkj-eTfx2o-6bjfQ32HBcaDZvH8L73&ekpbmtpfact=5NcsYfCkAgCjuY2k9_kV4iYR8juR9--Q3lV3IFR8fD4w0FKe&pfi=1&dc=AMS&pubBuyId=32802&crID=3565478&lpu=pramac.com&ucrid=10986151784529755618&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH102139000&wDspId=452&wbId=4&wrId=0&wAdvID=969113&wDspCampId=1657127&isRTB=1&rtbId=BCE742DF-0EB5-4DF1-9E79-79AAE8B17A71&imprId=357F4F31-49AA-47D0-A1EF-840F49448E4E&oid=357F4F31-49AA-47D0-A1EF-840F49448E4E&cntryId=58&pageURL=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&sec=1&pAuSt=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

content-type: text/html
content-length: 0
date: Mon, 30 Aug 2021 13:06:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1AC6 0
0 30ms
30ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoVWBzFarZvLtWTjt2nOAHq5eKH71FpduVlWhtZP76BIeNyrI8-z5vPtLKXMOKrA9duQrXYfJ6sexNwaXE9LgQ86a5fN5XqMkpkBmk8hWlvxyRKKFpFjo3E-beCPTtZttzhhvvlI0UdSojFYyCd5IElD5-CJOzl1xwxS2xjDMIQl2WICCZIuZxR4isM4aZ770vy6g3ElaWaSqFjzIF_aYmKMhnZ1qAbnUj6fwNMGUfiJ1vi-tlQqtf7biMutQO8nocxuSJ7gme_ujXw4nLJcZGRFEJ9C9Wd2_0kY6CT07u6QuDsGNgEDi2W7hOggKOBMoBhMnvNAaYIwfn_AXSW9Ar&sig=Cg0ArKJSzHRhrDPuW0GBEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
DATA 200
OK truncated
/ Frame 1AC6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aec0782b106800f4e3a1d9208eacb5fe30432b30855cb5e2acc7ea066f49a49a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E19 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 7353
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E19 295 B
329 B 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 18539
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 31 Aug 2021 07:57:47 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ Frame D7A2 1 KB
614 B 12ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699422244e6266026d58afe1dce5e519e99717626536a5db41d0b2c402878492

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17274917367902316614/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 579
date: Fri, 27 Aug 2021 02:58:10 GMT
expires: Sat, 27 Aug 2022 02:58:10 GMT
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 295716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2C4F 0
0 37ms
36ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQKge5NcsYarOIKCh7_UP1NWR4An9qIfjZO3M-r-YDorRo-2-ARABIPjIySBglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE3AJP0GiFUOgWQtj3cnB5WaL24HUzMbFNr_aSbbqNI7oB2cmVe230-VbWuDgaP3ylEceh6uCC3C9lFSSNRKlgfwNzU1HuFdhAcQbJlzdhY51_yKxWy3nKu6NU_48Z3NQPjVyyODL2rpbQrw8j2UCS_dMMQ-4Sz8YjbuytiWF4lb0jZzycwKIgKb_aqQBk_53R-Lta-NX41R6IGPPDI7kABDndiCgm19VRLAKqo1lJpOTeiwCYPGUYrgoSXGNV_BrhI8tsYJ5gcRI76ohRfkp3MocetrZvnFqB3rqo9U9XNxVKiK_On3A1sIVmFt9BxmDAtgHoRvvaKtJs4E8VMNgkIqUUMAl7_pWsFPA7C6nbywXjehtd7B-CA5FBWhky4-r2PnJxFvaoC92bSnqLuh2VGnc98zppfqvAByAhD04Tx9Dy4F7zcifBTf5vqLFDy9ZOMPYx7XVeL8vx2XNGNSPABImP_r7cA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfzvrWuAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ3roF0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTM2MjIxMzYwOTg3OTQwNDAY0PcF&sigh=7VQIze1L4ZA&template_id=419
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 2C4F 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 2C4F 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C4F 122 KB
37 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 2C4F 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Sep 2021 13:06:03 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B717 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 30 Aug 2021 12:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAA5 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 30 Aug 2021 12:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7319 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a6eb3086e213019feb63cc206a7d41016e396944a0ec9f4220eb8056fb74a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C53F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ed62cc2fd66c48e83073f7c5b79a97e95922fdd35a52549c788a8fb58c00731

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dac.min.js Show response
dac.contextads.live/ 5 KB
3 KB 97ms
6ms Script
application/javascript 2600:9000:20eb:4a00:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/dac.min.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffd6323ee142840bba7354a6b6ae5979a9b0d8a5aae2224b8be4844bfcd57de3

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 23:06:04 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 18:31:04 GMT
server: AmazonS3
age: 50443
etag: W/"88d32490a4127ecd4d03bb7435735f92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8MKd1h8Ordc2WaY7d7hfm3QY6BSLQxyMdAFn5lOlM7YV7nJYLqOIqg==

GET
H2 200 IMPL-INDIATODAY-INDIATODAY-RESP-GENERIC.js Show response
impulse.contextads.live/impulse3/config/indiatoday/indiatoday/ 11 KB
3 KB 17ms
16ms Script
application/javascript 2600:9000:2190:a600:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/impulse3/config/indiatoday/indiatoday/IMPL-INDIATODAY-INDIATODAY-RESP-GENERIC.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:a600:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253f5d7481c9d51234ecef630e4b7dd4ac1adfac3d031db427b9716191529a6c

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 02:39:53 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 13:23:06 GMT
server: AmazonS3
age: 38697
etag: W/"06d9df4aad3989bf7a6bd5a95d99e771"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yIgHkMa_bIzS5nK4hyrHEvUCYztd8YsvY4pXCO-z-Gc9wc9P5Nwnbw==

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A39A 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A39A 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 20:35:29 GMT

GET
H3-29 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ Frame A39A 57 KB
18 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb8b69d2597da9735bd52db589bd371f22a83137caabf5781e14dc099f2888f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 133527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18185
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Sun, 29 Aug 2021 00:01:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:01:19 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A585 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A585 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 20:35:29 GMT

GET
H3-29 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ Frame A585 57 KB
18 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e17fd1f66f2e2ec5630208b0c7943a86835ce17dae4e6e7a0aa028855d63876

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 194954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18208
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Sat, 28 Aug 2021 06:57:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 06:57:32 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6883 2 KB
2 KB 17ms
17ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90954444&p=156066&s=246950&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: aad5583a1882539c08cdc6caaf3a06d21899ffd66141f7d720a8946a20d3922e

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1981
content-type: text/html; charset=UTF-8

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB18 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 30 Aug 2021 12:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2C4F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ba2c7385552da9f0d7cffd2c6848a42f531a3053abd9556f59462946b4cbb68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D7A2 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D7A2 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Aug 2021 20:35:29 GMT

GET
H3-29 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ Frame D7A2 57 KB
18 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7723e3bb6ab2cebe4c3f43abbdbac799ff00f010f1e55d359e8d2bc3cf1806cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 359576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18209
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Thu, 26 Aug 2021 09:13:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 09:13:51 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
123 B 17ms
15ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156066
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
96 B 21ms
18ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156066
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
96 B 22ms
19ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156066
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1053 42 B
108 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss24BuwzoMawNQTb5HTBeyd9No0OLBGQeJ1IU_nOuN63N165-YZtqM96JFThu6rSnLtnGXOuK7V6C7AjcR4m3RRL3HpQUnGmHNRC_s724Pk2Om4Ahgg&sig=Cg0ArKJSzNu-gEvU9J6EEAE&id=lidar2&mcvt=1207&p=19,0,20,1&asp=19,0,20,1&mtos=1207,1207,1207,1207,1207&tos=1207,0,0,0,0&v=20210827&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3548145748&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630328805681&rpt=326&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ Frame A39A 59 KB
31 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1fb3b1ab002d7d6568caa4775c5839b905ca80ca3960eb2c3a9ca4a2796d0fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 344425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31317
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Thu, 26 Aug 2021 13:26:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 13:26:22 GMT

GET
H3-29 200 animated-creative.242432b29a36885ddd07.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ Frame A39A 129 KB
43 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/animated-creative.242432b29a36885ddd07.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 256866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44372
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Fri, 27 Aug 2021 13:45:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:45:41 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISdQUh3GjnUnuwiyIEhxj0&google_cver=1

42 B
439 B

27ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISdQUh3GjnUnuwiyIEhxj0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:389
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEISdQUh3GjnUnuwiyIEhxj0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6883 43 B
609 B 22ms
22ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 29 Aug 2021 13:06:47 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 40F5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464

42 B
210 B

23ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=DDC49162-87B1-44D4-A0A7-3E1A2C975DEC; chkChromeAb67Sec=1; SyncRTB3=1631577600%3A35%7C1631491200%3A161_56_7_54_3_21_13_220%7C1630886400%3A223; KRTBCOOKIE_80=22987-CAESEISdQUh3GjnUnuwiyIEhxj0&KRTB&16514-CAESEISdQUh3GjnUnuwiyIEhxj0&KRTB&23025-CAESEISdQUh3GjnUnuwiyIEhxj0; PugT=1630328807; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&KRTB&16736-uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&KRTB&23019-uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&KRTB&23114-uid:44be612c-d7e7-4700-b7e9-e957e2fcd961
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 30 Aug 2021 13:06:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-8922674620998064464; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 29-Sep-2021 13:06:47 GMT; path=/ PugT=1630328807; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 29-Sep-2021 13:06:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 28-Nov-2021 13:06:47 GMT; path=/
x-lat: lhrpug001:0:434
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8922674620998064464
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2685656761857622301

42 B
389 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2685656761857622301
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:981
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2685656761857622301
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&gdpr=0&gdpr_consent=

42 B
340 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:529
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 30 Aug 2021 13:06:47 GMT
Server: MT3 3865 cc0e612 master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:44be612c-d7e7-4700-b7e9-e957e2fcd961&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 30 Aug 2021 13:06:46 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f1126f2-e8b8-48e1-98ad-1e732b00687c

42 B
293 B

48ms
48ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f1126f2-e8b8-48e1-98ad-1e732b00687c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:5322
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8f1126f2-e8b8-48e1-98ad-1e732b00687c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8640 43 B
338 B 26ms
24ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Mon, 30 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1378
date: Mon, 30 Aug 2021 13:06:46 GMT
content-length: 43

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9019878240071150784&gdpr=0&gdpr_consent=

42 B
210 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9019878240071150784&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:450
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 13:06:47 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50fb05c1-8852-4249-b376-a4b313263253
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9019878240071150784&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERDNDkxNjItODdCMS00NEQ0LUEwQTctM0UxQTJDOTc1REVD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

27ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:2514
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6883
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDC49162-87B1-44D4-A0A7-3E1A2C975DEC&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DDC49162-87B1-44D4-A0A7-3E1A2C975DEC&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Db2cyIFE2uUPRJMeq3MG6iiA1.5XmYw-~A&gdpr=0&gdpr_consent=

0
128 B

18ms
17ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Db2cyIFE2uUPRJMeq3MG6iiA1.5XmYw-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 30 Aug 2021 13:06:47 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Db2cyIFE2uUPRJMeq3MG6iiA1.5XmYw-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ Frame A585 62 KB
34 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a65e3ef56dc8731764dca9c8a6aeffaa4abc155c05fe1a58c2d1b6621df974d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 151239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34401
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Sat, 28 Aug 2021 19:06:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 19:06:08 GMT

GET
H3-29 200 animated-creative.242432b29a36885ddd07.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ Frame A585 129 KB
43 KB 26ms
25ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/animated-creative.242432b29a36885ddd07.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 151239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44372
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Sat, 28 Aug 2021 19:06:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 19:06:08 GMT

GET
H3-29 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ Frame D7A2 56 KB
30 KB 79ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9715e32607305f646d45360096cfd88c3d6c22f75df9c5d7913106d38a8fbef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 178260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30866
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Sat, 28 Aug 2021 11:35:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:35:47 GMT

GET
H3-29 200 animated-creative.242432b29a36885ddd07.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ Frame D7A2 129 KB
43 KB 17ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/animated-creative.242432b29a36885ddd07.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ad.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 133523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44372
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Sun, 29 Aug 2021 00:01:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:01:24 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B717
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 30-Aug-2021 14:06:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAA5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 30-Aug-2021 14:06:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 30 Aug 2021 13:06:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A39A 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame A39A 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c2fb7308efbc82575d86510fcf8958f4715ee5798fc00c6b1fa1029d0ba8770

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A39A 11 KB
11 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76d198150df7399eaa271be1525d86e930e79436b85c345aea1d921cbc1997b3

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A39A 4 KB
4 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e26821383f68e4f3fd00c2de5f67f57cb189d2d57146f8cc01e96b2fc45ec9a2

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A39A 4 KB
4 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 680ad84c545b89ddb13abcdacdac0bbd9325588900d9a24358d1237e4cdafc81

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 rtb_ajs.php Show response
delivery.contextads.live/www/delivery/rtb/ 9 KB
10 KB 579ms
491ms Script
text/javascript 13.224.193.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=1026&cb=35106416214&charset=UTF-8&loc=https%3A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&containerId=impulseadcontainer&product=impulse
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-67.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 781c583a7bb11108f25782518c7b345e1bebbf990d8a25bcec0ac00acd429457

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:48 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
p3p: CP="CUR ADM OUR NOR STA NID"
etag: 18fbfe02d61e057e2e977d01846b64a3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Mon, 30 Aug 2021 14:06:48 GMT
x-amz-cf-id: oMNbPTKhQqeBNJzIVzUJgNoJtOlOIXbavDZhdN5eTI0loEN6tQ58gw==

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB18
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnWFFhRZaII6oYA3FGwhnZoFtiXi9wIMizf0fIGGy-hgceH37b1BvS1erThTM4; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:48 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 30-Aug-2021 14:06:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 30 Aug 2021 13:06:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 30 Aug 2021 13:06:48 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A24C 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5cddUk1RnFP52yN_lkjdZREWpNolkuUIB0GISVy84B5NYv2YaEOruQQATPhLA_Z6pSfgz4UeiQVedo2_FEW7L9KoB9jp75VCkwY7JsJzeT9kiLTs6AkpO8IqBfHPk9yTkKb0I3Hb4s81DdPS4saVAaQ&sai=AMfl-YSlPQhaCIE7mWs48STUgLsd9XHczTs_E6k1dA6MSvj8T_IXbq0NnAtrHLk01mfaYiSp4VqGX2C38MMn7a5Z6NJO5zSdKr4LPjjBb-h2B06F59LXuZqIFAMYTfI&sig=Cg0ArKJSzBoepaAFG8JZEAE&cid=CAASPeRoY_qPlFtCX-DMiW2cQblVHcd0MR9H15MIHoWH4eJ0mq8upBJqS_ZZ5mJ7ouherrnwefLkRTO48Vy33LU&id=ampim&o=236,443&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1483&mtos=0,0,1483,1483,1483&tos=0,0,1483,0,0&tfs=713&tls=2196&g=100&h=100&tt=2196&r=v&avms=ampa&adk=1937186414

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C53F 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgUI7lIe6aukMtzNs_F5VBH535avjBVLh2VxwGP72jzrMlkfSd7Ni3K0BQgX4WAN_pHMJoCLjDIqUt8w6p2k7YdYTqorQpbuvJOFG_p6eJLCtVTpsb6pQaN6Gndg&sai=AMfl-YQwUZuCxRDog0P8gyp_borFeZLqxMDxnWePq_GaATq3Jnz5oh9tdtiuEk4Kw7qz6LiIeOfYh0-WfG1-hQ_zxlowYQMyhWhax0YfmogpN1Dk5gCotnsnpAdv5d4&sig=Cg0ArKJSzIJbmv9x6yq8EAE&cid=CAASPeRo268L3AlVC2QsM0gHF9CEovYXilfJa6lOEXcZY_vepgZgMiHGZ4NaMOA2RsnQXmgvkj54ZE5vQMMmVCI&id=lidar2&mcvt=1507&p=247,1050,497,1300&asp=247,1050,497,1300&mtos=1507,1507,1507,1507,1507&tos=1507,0,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1177974948&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630328806265&rpt=424&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A585 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame D7A2 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 405a455d-9df0-4372-8682-d9de3236c0cc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/ Frame A39A 2 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5164962102243330542/405a455d-9df0-4372-8682-d9de3236c0cc.png

Requested by

Host: e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
URL: https://e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d3b5464c06cadf844204d3e0d671423588b0425df4c0e23f9651327b8866ca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 133523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1598
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Sun, 29 Aug 2021 00:01:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:01:25 GMT

GET
DATA 200
OK truncated
/ Frame A585 7 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A585 11 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A585 4 KB
4 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68f5b0a746123ac1f52fbe47522e39e0614fac234c321baa3a695d771e4e4810

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame A585 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887238e12d1eff42c1f6ff712ecfecd8cd028e856d9ebfbe6c4e8d04a6440cde

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame D7A2 7 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame D7A2 11 KB
11 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd516ed98d3ffc2576e8a7b09a63aab5f760b4723f367d115828c8fa258fb9e3

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame D7A2 4 KB
4 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af6c243b7f8bffd605830b25861a50e5ccd9a50faa1f70a7e4424ec7acfee4fe

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame D7A2 4 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
H3-29 200 405a455d-9df0-4372-8682-d9de3236c0cc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/ Frame A585 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2441951840195814638/405a455d-9df0-4372-8682-d9de3236c0cc.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d3b5464c06cadf844204d3e0d671423588b0425df4c0e23f9651327b8866ca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 268326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1598
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Fri, 27 Aug 2021 10:34:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 10:34:43 GMT

GET
H3-29 200 405a455d-9df0-4372-8682-d9de3236c0cc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/ Frame D7A2 2 KB
2 KB 14ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17274917367902316614/405a455d-9df0-4372-8682-d9de3236c0cc.png

Requested by

Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017aa9a6a61970cfc2af56daee1317919d6a7f88e593ccc3b8758cddd63e588c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 133525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2473
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:02 GMT
server: sffe
date: Sun, 29 Aug 2021 00:01:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 00:01:24 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 103ms
13ms Script
application/x-javascript 2600:9000:2190:ca00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ca00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 12:18:12 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 2917
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: klr5Jq91rNtEhBSQ2L5d-7x43BiU_n3jRKgsHYJrzFQNzyzkvOfYlg==
expires: Mon, 30 Aug 2021 14:18:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 68ms
68ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

059a1c50927fa059334e8dab7b0eeeffb834a30a37cce54525505b9b87f58574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Aug 2021 13:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8414
x-xss-protection: 0

POST
H2 200 rtb_ajs_l.php Show response
delivery.contextads.live/www/delivery/rtb/ 12 KB
13 KB 396ms
395ms XHR
application/json 13.224.193.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs_l.php?zoneid=1026&cb=35106416214&charset=UTF-8&loc=https%3A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&containerId=impulseadcontainer&product=impulse
Requested by: Host: delivery.contextads.live
URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=1026&cb=35106416214&charset=UTF-8&loc=https%3A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&containerId=impulseadcontainer&product=impulse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-67.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: a6f7cb898eb7ebd4f04f47a0e2748b61798ab2c14f9fbe078a78ce3cb7a04822

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:49 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.indiatoday.in
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: KS-PeSn0rvj4umBFd4gsW3z9pwfCrnmSYImdF_NGl2dIVhWsbzOESQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082501.js?31062395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 30 Aug 2021 13:06:49 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5C85 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 30 Aug 2021 12:34:24 GMT
expires: Tue, 30 Aug 2022 12:34:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C5D 783 B
760 B 15ms
14ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b459650bb963a18f8816893b9e2f28b828191166d7cc5a002b5e02e5f1feb81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mS1KfuVYkpOiMnhZmjbWWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.indiatoday.in/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.indiatoday.in/

Response headers

expires: Mon, 30 Aug 2021 13:06:49 GMT
date: Mon, 30 Aug 2021 13:06:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mS1KfuVYkpOiMnhZmjbWWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 298ms
98ms Image
image/gif 54.88.192.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=indiatoday.in&p=%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&u=D7ZVKLCV3PaSDWYouv&d=indiatoday.in&g=60355&g0=Technology&g1=Ankita%20Chakravarti%2CEdited%20by%20ankita.chakravarti&n=1&f=00001&c=0&x=0&m=0&y=5471&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=7362&t=CpjZPqDChuolBlcHkCDetD9kD06eJ9&V=128&i=Can%20downloading%20WhatsApp%20photo%20or%20video%20infect%20your%20phone%20with%20virus%3F%20Not%20likely%20but%20be%20careful&tz=-120&sn=1&sv=BoOlJvnnm5rCxLVukJwYYSCx2lx4&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.192.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-192-18.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3-29 200 JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C85 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:08:26 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
95ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082501&jk=2825322213698349&bg=!KimlKW3NAAZOkH6FTpA7ACkAdvg8WvEJQWJyqsukvp0fKLfdty1aYxtZR9146PozH7n_Dzz2BnSqNQIAAACuUgAAAAxoAQcKAIHsgvDVkfWmEVaZyRruqsHNWLWUgbgDNQvrTknBBgpweNXLhlhjvSPQxdQNnYbjbZFIV-9iNt8e5J576-NH8mZB53efCCxmmIkfoNApKsz1w_4Q2pYY6L9ewdufotdefd9s6l4g3W7EQzWa3Zkn5xJDO3KTQOlm51tEuSFlRPb-dJWZAoOYkvHpHjA31l0nA9wmZ4ITQO_zpCCO9g_oMJOcT-saWPuOD46TIJYK9yw-aJYXv49-cRdir_rE-4BCcgAyR8psuzUMKemmzP3cQibdCwJnSkpWSzqP2ZwitCSiNlo6s5RxMHmuUXpZH4190lZfDudIfIVMnGgjSZioGqI0CZbiK9zSQH5j9e7Fps34EqY8yPJxOHJ4QIqJAoFF09ptb3nbHz6WdDWTCxA7I1xjpZkeNcofywcS7D5rHF0A6g-035213pe5fUJFGHxLwRbKcn4PFBzcTPEc1z6mxWlVviTlx_NMC6crrfIGlFzHkxTY9TuI6Jae74cp3IqWkccv9bRC6O3WhjD_LcdnC_mRru6ZBsZ9dw7KilAPEJFRPSI3NJElS9GjpsKQtT6-arg2HzD6FGDlD3KeXd6v2H9iXlY1C0p4dCsN8CvYcRJrmxprJFnC4nvZBN7rLfZ20Cw7RuaceGTCThpO4rSTZd6xudQxwiceSMLY3fXBi_ZBIYpWHxYei-XS5BEFXCtQowyzq-rdtfur8TzK9qjR1CYg5-S4tI_pv9BvqjA9vHpB2Xp2GSs8y9k9YCWDMYKDHbg6jtIsdfoKk2n28Lvd9ArC-uvtzdVGOeZaeuTKg5WeyJPBivmnk-NXEijgcaWVp_yO3duzupmzU8GGquMRDVeerF0sGN1jjBaqSppCoZIFOYNUFwG4Lpkqkb-i4rlKNqoDGWCbTUa7u3oioD4zPCSwSx-V7PVWFIPhBu86AmVm_hdOMa7evCTt5N0JqM78npmR0t8BIDnhbh-0PuXmJ9RbZC56piD6AA84WwK_7HZFrGFjzftjFg0HLx6FqWVZl-lkA-fvriaD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 loader.js Show response
config.seedtag.com/ 40 KB
13 KB 96ms
33ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/loader.js?v=0.7200017441533619
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.135.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 003dfa67d3a01a4bf4de7265f08767d4793d90ab1bfbc7b8a079379f5e5f39f9

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 13795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 30 Aug 2021 09:16:19 GMT
server: cloudflare
etag: W/"9ea8981d64f5b279e0409553706a78ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 686e3d178a18cddf-CDG
expires: Mon, 30 Aug 2021 13:26:50 GMT

GET
H2 200 viewability.js Show response
vibecdn.contextads.live/Inarticle/ 4 KB
2 KB 51ms
23ms Script
application/javascript 2600:9000:20eb:f200:1c:5da3:a000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vibecdn.contextads.live/Inarticle/viewability.js
Requested by: Host: delivery.contextads.live
URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=1026&cb=35106416214&charset=UTF-8&loc=https%3A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&containerId=impulseadcontainer&product=impulse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f200:1c:5da3:a000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 532e7aabc36fa28b40ea2fab78480adccab8603c5aee61aaf34990d8eaf958da

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 23:16:28 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 10:34:22 GMT
server: AmazonS3
age: 49823
etag: W/"6fe921e342bb4ecb2f9759df59a5c6c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5_blnxCxJNTXAd8tOR-L4thZ9OXEEYs0TN_VtV38CsTUacCitDgTTQ==

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 90ms
29ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=93932313f563033313f583030313&cid=1008&p=9144&s=www.indiatoday.in&x=&nci=576&adtg=1026&nai=&si=&pn=indiatoday&h=&w=&bp=&pp=&ci=3722&ip=%20&ai=&di=&mm=&os=Linux&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/92.0.4515.159%20Safari/537.36&lat=&lon=&idl=&ttduid=&id5=&flcb=1630328810101
Requested by: Host: www.indiatoday.in
URL: https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 19:41:29 GMT
server: cloudflare
age: 166
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 686e3d179d6f4055-CDG
content-length: 1146
expires: Mon, 30 Aug 2021 15:06:50 GMT

GET
H2 200 lg.php
delivery.contextads.live/www/delivery/ 860 B
860 B 748ms
747ms Image
image/gif 13.224.193.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.contextads.live/www/delivery/lg.php?bannerid=3722&campaignid=576&zoneid=1026&loc=https%3A%2F%2Fwww.indiatoday.in%2Ftechnology%2Fnews%2Fstory%2Fcan-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&cb=6059bd2963&bid=&request_id=2287265678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-67.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 13:06:50 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-amz-cf-id: cKJ58TS8ZutY_bwc18zieoRHjbXEZnhvIMJoOMmJtdns2_nxQ-3oVg==
expires: 0

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
23 KB 27ms
27ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1630328810198&ver1=2.2.3&qid=93932313f563033313f583030313&rnd=oe1s4b9v1dna&cid=1008
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=93932313f563033313f583030313&cid=1008&p=9144&s=www.indiatoday.in&x=&nci=576&adtg=1026&nai=&si=&pn=indiatoday&h=&w=&bp=&pp=&ci=3722&ip=%20&ai=&di=&mm=&os=Linux&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/92.0.4515.159%20Safari/537.36&lat=&lon=&idl=&ttduid=&id5=&flcb=1630328810101
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 19:41:29 GMT
server: cloudflare
age: 169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 686e3d182e954055-CDG
content-length: 23972
expires: Mon, 30 Aug 2021 15:06:50 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
304 B 58ms
40ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1630328810453527&ver=1.2r81&qid=93932313f563033313f583030313&p=9144&s=www.indiatoday.in&x=&cid=1008&od1=&od2=&adtg=1026&nci=576&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=oe1s4b9v1dna&impid=&tps=99&ver1=2.2.3&flcb=1630328810101&id5=&ttduid=&idl=&lon=&lat=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/92.0.4515.159%20Safari/537.36&os=Linux&mm=&di=&ip=%20&ci=3722&pp=&bp=&w=&h=&pn=indiatoday&1=2721ac29e16899c2a76d901d17af19b6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x5473&atf=&dbgcid=1008&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=165&icp=https%253A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-4-s-fl-17-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-4-nci-fl-3-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-flcb-fl-13-id5-fl-0-ttduid-fl-0-idl-fl-0-lon-fl-0-lat-fl-0-ua-fl-137-os-fl-5-mm-fl-0-di-fl-0-ip-fl-3-ci-fl-4-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-10-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:50 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 19:41:20 GMT
server: cloudflare
age: 5556
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 686e3d19b96c2b4d-FRA
content-length: 26
expires: Mon, 30 Aug 2021 15:06:50 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
134 B 13ms
13ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1630328811466&rnd=oe1s4b9v1dna&ifm=0&uai=1&cid=1008&s=www.indiatoday.in&p=9144&x=&adtg=1026&ats=1600x5473&atf=&nsi=&si=&nci=576&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.indiatoday.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:06:51 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 19:41:20 GMT
server: cloudflare
age: 2398
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 686e3d1facee2b4d-FRA
content-length: 26
expires: Mon, 30 Aug 2021 15:06:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: recengine.intoday.in
URL: https://recengine.intoday.in/collector/com.snowplowanalytics.snowplow/tp2

Verdicts & Comments Add Verdict or Comment

637 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.indiatoday.in/sites/all/themes/itg/js/video_preview.js?qykd1t(Line 109) Message: DESKTOP Setup
console-api	log	URL: https://www.indiatoday.in/sites/all/modules/custom/itg_sso_reg/js/itg_sso_login.js?1630236601(Line 1) Message:
console-api	log	URL: https://akm-img-a-in.tosshub.com/indiatoday/js/ads/showadcontent.js(Line 10) Message: Ad blocker detected
console-api	log	URL: https://www.indiatoday.in/sites/all/themes/itg/js/video_preview.js?qykd1t(Line 37) Message: DESKTOP Setup ..............
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: get sp_itgd: null
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: Calling function for settign valule
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: OOPS! Failed to load https://recengine.intoday.in/recengine/info/efidwq
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/indiatoday/recommend-js/check-this-out.js(Line 191) Message: f 770
console-api	log	URL: https://saxp.zedo.com/sclient/tt3/fmos.js(Line 277) Message: USP API frame not found
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156066/551/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: OOPS! Failed to load https://recengine.intoday.in/recengine/info/efidwq
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: OOPS! Failed to load https://recengine.intoday.in/recengine/info/efidwq
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: getAllResponseHeaders: cache-control: max-age=0, no-cache, no-store content-length: 28 content-type: application/json expires: Mon, 30 Aug 2021 13:06:44 GMT pragma: no-cache
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: responseText: {"sp_itgd":null,"uid":null}
console-api	log	URL: https://akm-img-a-in.tosshub.com/sites/recengine/tracker/2.11.0/cssp.js(Line 1) Message: Final value of sp_itgd: null
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18
console-api	log	URL: https://impulse.contextads.live/main/impulse.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=1026&cb=35106416214&charset=UTF-8&loc=https%3A//www.indiatoday.in/technology/news/story/can-downloading-whatsapp-photo-or-video-infect-your-phone-with-virus-not-likely-but-be-careful-1770388-2021-02-18&containerId=impulseadcontainer&product=impulse(Line 147) Message: [object Object]
console-api	log	URL: https://vibecdn.contextads.live/Inarticle/viewability.js(Line 1) Message: viewability

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
akm-img-a-in.tosshub.com
aktrack.pubmatic.com
alrts.foppscolor.com
api2.branch.io
app.link
beacon.lynx.cognitivlabs.com
c1.adform.net
cdn.ampproject.org
cdn.branch.io
cdn.izooto.com
cdn.js7k.com
cm.adgrx.com
cm.g.doubleclick.net
config.seedtag.com
d5p.de17a.com
dac.contextads.live
delivery.contextads.live
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
e7f14321979eb5ffa74deb790072a8a6.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
impulse.contextads.live
js-sec.indexww.com
loada.exelator.com
match.adsrvr.org
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.onaudience.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
pre.glotgrx.com
pubs.contextads.live
recengine.intoday.in
s.amazon-adsystem.com
s.yimg.com
saxp.zedo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
smedia2.intoday.in
ssum-sec.casalemedia.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.mathtag.com
t.pubmatic.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vibecdn.contextads.live
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.indiatoday.in
www.youtube.com
yt3.ggpht.com
recengine.intoday.in
103.96.100.188
104.111.232.29
104.16.200.58
104.18.135.145
13.224.193.67
13.224.93.47
13.224.93.85
13.248.242.197
142.250.185.66
151.101.14.49
169.50.137.190
172.217.23.98
178.250.0.163
18.198.69.109
185.183.112.148
185.29.132.241
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.226
185.64.190.80
2.18.232.130
2.18.233.180
2.18.234.21
209.54.176.128
213.155.156.184
23.37.38.181
23.37.42.132
2600:9000:20eb:4a00:f:b7c0:a340:93a1
2600:9000:20eb:f200:1c:5da3:a000:93a1
2600:9000:2190:1600:a:5b2c:b080:93a1
2600:9000:2190:8c00:19:9934:6a80:93a1
2600:9000:2190:9600:11:f728:3040:93a1
2600:9000:2190:a600:3:6e47:11c0:93a1
2600:9000:2190:ca00:18:1fcd:34f:cdc1
2606:4700::6810:4036
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::2016
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c07::9b
2a02:26f0:6c00:2a2::1ac0
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba61
2a02:26f0:7100:1b1::1ac0
3.126.56.137
35.241.40.233
35.244.174.68
37.157.2.236
37.252.172.38
51.210.112.236
52.30.140.199
52.86.210.192
52.9.74.67
54.36.109.48
54.88.192.18
69.173.144.138
69.173.144.139
69.173.144.141
72.251.241.196
003dfa67d3a01a4bf4de7265f08767d4793d90ab1bfbc7b8a079379f5e5f39f9
013bd25800eed573c7f17d08da8c3930f7c6829bc04647d102cbd4429152557f
017aa9a6a61970cfc2af56daee1317919d6a7f88e593ccc3b8758cddd63e588c
04be4f23e1135a2993e7a58d5e23a4868f331c1c9cd3f09482f054ac0006f4d7
054f8116efea609f6f3a586399bee9925e5abe6a9d2f833f7087b6c29fd049d4
059a1c50927fa059334e8dab7b0eeeffb834a30a37cce54525505b9b87f58574
059bd43db1b50962404fe0a0e4ed7987c60c81c4e93b05db7687c08b4329e3cb
05d9a5b9f15a7b3fd593bf6656fab8bb7dc416e788c0e92381063d8685a09516
0716b20eb5481f9ae782f3bafcc1a0ae2260d35af75448b9fbeaf0e665160803
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d7702751be66b31ff570444d09add9184c0e3e5075c940a99624852fae6163a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0
1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
13544bd60f8b90223472b35619803208c9a0f5ebb0ce3106dc46a7f045b2ff31
1669795a66acecc6cbe96fd837a48e05d6b126cdd94a0bfe6f1bffea0803cee1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a67b1ff9017612b0437ce4736a69a6c252b6bd8706f10f20139b8e8777a26c2
1b459650bb963a18f8816893b9e2f28b828191166d7cc5a002b5e02e5f1feb81
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
253f5d7481c9d51234ecef630e4b7dd4ac1adfac3d031db427b9716191529a6c
26d3b5464c06cadf844204d3e0d671423588b0425df4c0e23f9651327b8866ca
274a5643f4ea2a5c7bfba15de58afd4df05f5262ee299f6986c607261ca49067
2890228c1bd894f4cb3ebb7bf81f53d78053b93fcec008bf7ed69e233ef82909
28a407b7ac1524acf25b5af1c65ce1bee7387d1dc572a071ee08861c24362a53
2afdfcaa2a1a8e41bd64613dc1c84ae5a33357e13d81de8a8e5dc6bc7733e6da
2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517
2c3ac617d284e3ef9696643ce105356ec51cdbe72134b62f811407873d7622a2
2c5293eb7b4a4a4d1a41be64a2fbb4148483b22c7c7d0d449bbe936229e37a53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31f2dcdfd6da8167beaef017fde8c556f65596a86aab18e531b02e9fd7d2a06c
3208ac84538abaa27d8232c60be8bf35c007f7293679b0d1f7f0843fd055ec45
324f0c65f646d99cccc7eb6840b0ed12b55e6ea7698a7045cd1dc9397baaeca9
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35eaf713f65d9b7048a80b4cda42029f5c0e9897d1d4b3217941f7e5d392da5f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37ef71d3e947234e70803d9e7b02809478b69d4b7d6b2af3d0f01938a9bc5fde
39dab7647df019a6baed2fec9d2174a9bb991bf06b2060cd4dfc30482b50f7f8
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c9708305e9c90a13e0dc44a19fb55121cd81bffcd36b894252241491cc86cb7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e17fd1f66f2e2ec5630208b0c7943a86835ce17dae4e6e7a0aa028855d63876
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e618569114b5c9aa99da54d8f87a6cdcf58084dac07e19a035141138e7cc3cd
3ed62cc2fd66c48e83073f7c5b79a97e95922fdd35a52549c788a8fb58c00731
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4194627b35942acc33ab9a8cdc60e99a61f7abd3b5504c8aa6e41159f35febdb
428a6eb3086e213019feb63cc206a7d41016e396944a0ec9f4220eb8056fb74a
4440d79bbed98b1b3c53241dc45b1efba799162b4b227edcb78e23a7409efbb2
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
483c3804e8245beb901da2a4a797a564ced1f2c72bddbfeb4106ac4dd0aa4af0
488e74c17bee2b3fd5dbf2f2539fc12469a3616549f70c5a9a86251595741105
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
494455bc5f6ad4feafabd56c73a3b0c9797b8392924b7af85dffd80182f29177
4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94
4da47c3fe9000c278a15ca4899b708e438da86b842ec0b53e838a4e936aa2986
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5f5b975713e589924e52a15a3a8e321472d949eed907d0c7dc6b391c69ff97
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52d7bf3b6f408996fb52f5f4e67c814a5e4901bdfa4df519477a89f8d2290338
532e7aabc36fa28b40ea2fab78480adccab8603c5aee61aaf34990d8eaf958da
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
559a6caed49e1b529438fc571ab4695267f37a8feaa1a637890c2ba3f806784d
5ac5b7bf1982dfb6ed0569d666acda85b9e412f69509fba0f7c0f3a7150900fe
5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b
5ba2c7385552da9f0d7cffd2c6848a42f531a3053abd9556f59462946b4cbb68
5df8ad61558fc5728c7dd28848b2f4fc38ffeb528a42ea7fb2b4eb1be3ad4ab6
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680ad84c545b89ddb13abcdacdac0bbd9325588900d9a24358d1237e4cdafc81
68f5b0a746123ac1f52fbe47522e39e0614fac234c321baa3a695d771e4e4810
699422244e6266026d58afe1dce5e519e99717626536a5db41d0b2c402878492
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6edf3e83cbcec12731cf5e9640f27de793eb0b1d256fb3e2ce5769875f5f5016
71c564a6caa9531a7875bc67b5a6b10468cfe08b5538f3dcf43c4a3f4ba9a941
745f70cea91e86ae22b178cfac973b375a750dabbe9afde5b93fa050c96b01b2
759fb2193fd993f0eac20a1a53ab9ac00864252d9df5de2ac5769cc0e6dfc953
76d198150df7399eaa271be1525d86e930e79436b85c345aea1d921cbc1997b3
7723e3bb6ab2cebe4c3f43abbdbac799ff00f010f1e55d359e8d2bc3cf1806cf
77402456db05d95ddd30000591710ee9714f249c22320445f64e6b7042908b66
781c583a7bb11108f25782518c7b345e1bebbf990d8a25bcec0ac00acd429457
7a65e3ef56dc8731764dca9c8a6aeffaa4abc155c05fe1a58c2d1b6621df974d
7d49fad697c6d394ef706765f423c812e60712a35871ee9b29c1bcbdb696c7ae
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81542e48f819747ee06c1943f1a8f4e3c9c21208d8d6847897a6c1d39e2ea065
824d3a8d825c6ce58fe2fe8b7772a4652e966866afb0ea89a78f4da6814212e3
8293e4207ab19f5a73cab24e05e84b383b83c74bf88c71a4932b6e9e98d072fc
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838608a5ee9cdb569b2da3bcec6d43a5d8b16dd5e79c1e8237bf99527612e987
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563b76291fd0181547f398e74c362b5a799b6d1f02de243014fbf6e76b4df55
85f11c352afbcbcbaec42b29dcc7516f3d273c78845be7a9f8cdb92b1d98083e
85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
887238e12d1eff42c1f6ff712ecfecd8cd028e856d9ebfbe6c4e8d04a6440cde
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
93419375ace457303adcb19b0d23de96b1da646564073ce6935795b4458f9670
95241a0cf0b3616e54e6e0be6a3e86db2485372450f70652ed048826e334b600
95530131c74ba8c71ca69cf19ea8a23028528d709ba333021fc03d67ef750db7
961bb96a7f3e35c01f4cac7a91ada097a08690411b4f3804acf62da1a8f52c72
96c46f63519793705c8d837a734e2d323d378a40ca02bf3d5fd160b8042c3d28
9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2
9c2fb7308efbc82575d86510fcf8958f4715ee5798fc00c6b1fa1029d0ba8770
9daada51e01782d9b5d940d57536c8878bbdf16ab254c08432d70921d7f69cd0
a213b67eebe575881cc62cd8800129e15d9ca92049b2e37832bf83d9fa2ed79e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c460f0ddd84fe2afacef93bc950d5c464f09d7f5c17cbe9e347ee978831d97
a31442d9d6f498b61a68b22c8063b860617a864e743bcdff181b079292c619b2
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a692d3f487488359d8f4b5deb513cae5f6a76ab92e7d98656f4a843e97fa2c64
a6f261ca5780d552373f77c179417a2d9a3c2dc79ad146de512409b6f5efd3a2
a6f7cb898eb7ebd4f04f47a0e2748b61798ab2c14f9fbe078a78ce3cb7a04822
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a8ed46006d6e5ea3a3cc755a42795c42ff4edeafd26ca246cf389fdf30d32da6
aad5583a1882539c08cdc6caaf3a06d21899ffd66141f7d720a8946a20d3922e
aec0782b106800f4e3a1d9208eacb5fe30432b30855cb5e2acc7ea066f49a49a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4ea6a282ae7eea92926ea411896161acce7aba0463808e1d4b61f2bca20c04
af5ffe2c662aa6b571393dbd836619aecfb1feb7215f6660fc8f0ebed48b91e1
af6c243b7f8bffd605830b25861a50e5ccd9a50faa1f70a7e4424ec7acfee4fe
b0341aa2b26637f24e2643104996111beb5fb458194480df74f5c24ee2fe5204
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b2b7366dc2a8c6752f1b5e0fb5c51cabb08a7c465a961afb407bfb737777a864
b2e7fdfb4ecc4fcf13bc4b887025f4cafdff3469da030d0deeead6dbb15a3995
b3ab56e55da484681849e44704329d420e1d44738f223d48f9522a021340af27
b549c6d1fbfe2d1c36d5a00f1802a87b0af140ba4d5db9067de1d24da224cece
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb74cc8e45d1408e44d42285d7c37a61cb1e79b7b700349757649e38a2e94350
c0e5b9503ac83288a5e6931fdeb3e654593c5b99cd95db8b58d1e83dd72ebd55
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6f548056f9346966b4d8ecd6fb653e82f1ddf15a069eff89a47ae3e6b030b0a
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c7fa1f61076bcc4053d47d41a9a7f691e9be8e28fc17dcbd8f30698f46607943
c8d87f2487c1947c1f207bfc1f1bec122f29e3913ae121d3a5e80c4b04bfbef4
c9715e32607305f646d45360096cfd88c3d6c22f75df9c5d7913106d38a8fbef
cacce6ba38823dc7917620e735548cffcc0f83d10ea4388ffee5c8fba78cce7a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb8b69d2597da9735bd52db589bd371f22a83137caabf5781e14dc099f2888f
cfc383841a587087e5c47526dd227cd99d5330f9794f98ab8dee24f3449c9116
d1938bba77cf602c2959ec0ae4df46dde7d0435c4f39952598cd6b345119ad61
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7136f197657da2899b7984a725c366545772b1d4829cdef14c207aa9d8b2540
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcb52d20b27366c22cdb4c7a3a609e1f2225067837398582335c8df3fc06fcd4
ddb1bb033cc441e901daf65cda888a50d5e04589b53f97e20759471d37d0276f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de7cbf67ddf22756d36e14e8c1a4fdcebd37495e98d66ca786fbe08f34a17094
df1805daa3d52868f0c5248de4f25fa23f31d973d56fd965b71c426123578043
e1fb3b1ab002d7d6568caa4775c5839b905ca80ca3960eb2c3a9ca4a2796d0fb
e241c405d64783e323c3c2254cb5769a59f8d19101255e3cc55355fd22059262
e26821383f68e4f3fd00c2de5f67f57cb189d2d57146f8cc01e96b2fc45ec9a2
e28a8ed74cfc119903c4916aa2fd971c138c473dec9b08468ca97426cf55fb21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d49e0af018a39be1bc17da23ae814d7ee84f2b25084a779e71ec4b37dd8022
e82756cab7fba4593496e132a6e1c70ee5f6deaf020dfa4404ac2baf3aff5f3d
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
eae042efcf0e9067ef285b37c4fa7f6d00286f7e538191ea55063e7fba98d237
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a28722be3f40377b1cda5a061b131b2ad035d70a9a1d455852381fdf44bfa7
f0af455a63e4a968054fbd32b7f327a292dcf011711e5e2c31fba07ec498b6c4
f15ad02b2ddf09e38a5a8b555d56f3df517799a276bc3c50cadbb6b2b8ef1bf2
f27bbf3887ec697bd228302c8491ed0999ce63aec111aabb3fa95d31ed6c3477
f430ecdfe43bb2643f880c4d6ba74489e25aea3b43e4b46c078feb3d7569dc86
f492ff7030f71bd12ddde06d1749dc68ac7ac63fce65aa2d971a2ba9342434e8
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f519b28bd0a84d6cf29f5aba1802e0a8dafffd3d9467eb5c76460ffcd9ac6ccd
f63034bbac6c5a2d24802147bcdc5cc4b32800f72cb349b0f8dcbc01b5e6cfe6
f98c7bfed89509b901aa1a3c11bdbfeeb12df8461fc3c9d02530aa933668268b
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd516ed98d3ffc2576e8a7b09a63aab5f760b4723f367d115828c8fa258fb9e3
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffd6323ee142840bba7354a6b6ae5979a9b0d8a5aae2224b8be4844bfcd57de3

www.indiatoday.in Open in urlscan Pro 2a02:26f0:6c00::210:ba0b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

275 Requests

100 %HTTPS

44 %IPv6

53 Domains

84 Subdomains

68 IPs

10 Countries

3312 kBTransfer

9176 kBSize

0 Cookies

45 Outgoing links

Page URL History

Redirected requests

275 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.indiatoday.in Open in urlscan Pro
2a02:26f0:6c00::210:ba0b Public Scan

Screenshot
Live screenshot

Full Image

275
Requests

100 %
HTTPS

44 %
IPv6

53
Domains

84
Subdomains

68
IPs

10
Countries

3312 kB
Transfer

9176 kB
Size

0
Cookies

275 HTTP transactions
28 data transactions