urlscan.io logo urlscan.io
SecurityTrails logo

www.hindustantimes.com Open in urlscan Pro
2600:1400:9000::687e:74b1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-Ac...
Submission: On April 30 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 5 countries across 88 domains to perform 347 HTTP transactions. The main IP is 2600:1400:9000::687e:74b1, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.hindustantimes.com. The Cisco Umbrella rank of the primary domain is 28533.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 16th 2023. Valid for: 8 months.
This is the only time www.hindustantimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
58 2600:1400:900... 20940 (AKAMAI-ASN1)
10 2607:f8b0:400... 15169 (GOOGLE)
1 3 18.172.134.52 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
6 3.7.218.223 16509 (AMAZON-02)
2 9 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2600:1400:b00... 20940 (AKAMAI-ASN1)
3 2600:1400:b00... 20940 (AKAMAI-ASN1)
1 2600:9000:24d... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
5 23.54.68.197 16625 (AKAMAI-AS)
3 18.160.197.128 16509 (AMAZON-02)
2 108.138.128.46 16509 (AMAZON-02)
2 35.168.153.83 14618 (AMAZON-AES)
1 142.250.65.194 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.124.226 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.165.234.231 14618 (AMAZON-AES)
2 18.209.150.91 14618 (AMAZON-AES)
1 23.57.131.233 16625 (AKAMAI-AS)
3 8.28.7.105 62713 (AS-PUBMATIC)
5 174.137.133.32 27257 (WEBAIR-IN...)
1 35.211.165.199 19527 (GOOGLE-2)
1 3 68.67.160.24 29990 (ASN-APPNEX)
1 23.105.12.144 30633 (LEASEWEB-...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 96.17.65.160 16625 (AKAMAI-AS)
1 2600:9000:234... 16509 (AMAZON-02)
4 27 192.40.39.223 27381 (CASALE-MEDIA)
2 28 52.46.128.147 16509 (AMAZON-02)
14 20 142.251.41.2 15169 (GOOGLE)
1 34.111.234.236 396982 (GOOGLE-CL...)
1 35.190.60.146 15169 (GOOGLE)
1 18.189.241.228 16509 (AMAZON-02)
1 2 96.17.64.208 16625 (AKAMAI-AS)
1 18.160.225.104 16509 (AMAZON-02)
2 2600:1400:900... 20940 (AKAMAI-ASN1)
11 11 3.33.220.150 16509 (AMAZON-02)
4 4 68.67.179.166 29990 (ASN-APPNEX)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 107.6.94.156 32475 (SINGLEHOP...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
4 34.230.184.9 14618 (AMAZON-AES)
8 9 35.211.178.172 15169 (GOOGLE)
1 1 23.34.248.177 16625 (AKAMAI-AS)
4 4 18.206.75.171 14618 (AMAZON-AES)
1 1 195.244.31.10 63140 (IGUANA-WO...)
1 1 2600:9000:234... 16509 (AMAZON-02)
1 51.222.39.185 16276 (OVH)
3 3 34.171.234.26 396982 (GOOGLE-CL...)
4 4 70.42.32.159 13789 (INTERNAP-...)
1 52.3.180.182 14618 (AMAZON-AES)
2 5 34.98.64.218 396982 (GOOGLE-CL...)
1 1 199.187.193.179 ()
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 50.16.16.77 14618 (AMAZON-AES)
4 104.107.5.93 16625 (AKAMAI-AS)
3 6 198.148.27.140 19189 (PULSEPOINT)
1 1 63.251.86.51 32475 (SINGLEHOP...)
1 7 69.175.41.44 32475 (SINGLEHOP...)
2 3 35.71.139.29 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 54.226.241.213 14618 (AMAZON-AES)
2 2 54.165.146.88 14618 (AMAZON-AES)
4 5 151.101.2.49 54113 (FASTLY)
1 104.18.10.47 13335 (CLOUDFLAR...)
1 23.54.68.184 16625 (AKAMAI-AS)
1 2600:1f18:1c9... ()
4 199.187.193.202 ()
2 3 8.28.7.81 62713 (AS-PUBMATIC)
1 1 74.119.119.150 19750 (AS-CRITEO)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 18 3.214.33.241 ()
2 2 52.70.149.227 ()
3 4 64.202.112.127 ()
2 2 18.235.135.185 ()
1 1 3.220.81.91 ()
1 1 2603:c020:400... ()
1 169.197.150.8 ()
2 2 54.224.41.210 ()
1 1 199.187.193.182 ()
3 52.5.252.145 ()
9 13 69.173.151.100 ()
4 6 34.111.113.62 ()
18 2607:f8b0:400... ()
3 2607:f8b0:400... ()
1 1 216.200.232.249 ()
1 1 80.77.87.162 46636 (NATCOWEB)
1 1 37.230.131.22 ()
2 2 207.198.113.204 ()
1 1 54.159.252.56 ()
4 4 185.184.8.90 ()
1 1 23.192.31.127 ()
4 2600:9000:250... ()
1 1 199.38.167.131 ()
5 162.248.18.37 ()
1 2 52.0.82.32 ()
1 1 2620:112:f002... ()
2 2 3.214.203.148 ()
1 1 141.226.224.48 ()
1 104.18.11.47 ()
2 69.16.175.42 ()
5 2607:f8b0:400... ()
1 52.95.115.196 ()
1 2620:1ec:21::14 ()
1 52.203.157.217 ()
1 2607:f8b0:400... ()
347 90
58    2600:1400:9000::687e:74b1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.hindustantimes.com
10    2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    18.172.134.52 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-134-52.ord56.r.cloudfront.net
sb.scorecardresearch.com
1    2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2600:141b:13:791::1833 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.hindustantimes.com
1    2600:1400:d:5a7::1833 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
analytics.htmedia.in
1    2607:f8b0:4006:823::200e (New York, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    3.7.218.223 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
dap.hindustantimes.com
9    2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
3    2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2600:1400:b000::684d:9908 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
api.hindustantimes.com
3    2600:1400:b000::684d:9929 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
personalize.hindustantimes.com
1    2600:9000:24d3:5400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
3    2607:f8b0:4006:820::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    18.160.197.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-197-128.ord56.r.cloudfront.net
c.amazon-adsystem.com
2    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    35.168.153.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-153-83.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
www.googleadservices.com
4    2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
4    2606:4700::6812:1d93 (United States)

ASN13335 (CLOUDFLARENET, US)
ssl.widgets.webengage.com
wsdk-files.webengage.com
afiles.webengage.com
1    54.165.234.231 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-234-231.compute-1.amazonaws.com
ping.chartbeat.net
2    18.209.150.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-150-91.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    23.57.131.233 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-131-233.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
5    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
cpm.adsolut.in
sync.adkernel.com
1    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
3    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    23.105.12.144 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg-apac.smartadserver.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    96.17.65.160 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-160.deploy.static.akamaitechnologies.com
a.teads.tv
1    2600:9000:2340:4800:8:cf94:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
8261785d.webengage.co
27    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
28    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
1    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    18.189.241.228 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-241-228.us-east-2.compute.amazonaws.com
sync.sharethis.com
2    96.17.64.208 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-208.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    18.160.225.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-225-104.ord58.r.cloudfront.net
aa.agkn.com
2    2600:1400:9000::687e:7490 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
affliate-api.hindustantimes.com
11    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
4    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    107.6.94.156 (Santa Clara, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2600:1f18:61c0:2205:e9ef:fe6f:6ce4:eb8b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
4    34.230.184.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-184-9.compute-1.amazonaws.com
c.webengage.com
9    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    23.34.248.177 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com
cs.media.net
4    18.206.75.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-75-171.compute-1.amazonaws.com
match.prod.bidr.io
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    2600:9000:234f:9600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
3    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
4    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    52.3.180.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-180-182.compute-1.amazonaws.com
rtb.gumgum.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    199.187.193.179 (None, )

ASN- ()
ssbsync-us.smartadserver.com
4    2606:ae80:1451:12::1720 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
1    50.16.16.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-16-77.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
4    104.107.5.93 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-5-93.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    69.175.41.44 (Yorktown Heights, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:807::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:821::2001 (New York, United States)

ASN15169 (GOOGLE, US)
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    54.226.241.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-241-213.compute-1.amazonaws.com
rtb.adentifi.com
2    54.165.146.88 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-146-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.54.68.184 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-184.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2600:1f18:1c96:4103:85f9:b152:a5d7:cc08 (None, )

ASN- ()
sync.tidaltv.com
4    199.187.193.202 (None, )

ASN- ()
rtb-csync.smartadserver.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    2600:1f18:4e9:5a05:9d1e:a7ee:a4dc:6f3c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
18    3.214.33.241 (None, )

ASN- ()
usersync.gumgum.com
2    52.70.149.227 (None, )

ASN- ()
t.pswec.com
4    64.202.112.127 (None, )

ASN- ()
sync.outbrain.com
2    18.235.135.185 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    3.220.81.91 (None, )

ASN- ()
sync.ipredictive.com
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (None, )

ASN- ()
sync.technoratimedia.com
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    54.224.41.210 (None, )

ASN- ()
ad.360yield.com
1    199.187.193.182 (None, )

ASN- ()
ssbsync.smartadserver.com
3    52.5.252.145 (None, )

ASN- ()
ads.yieldmo.com
13    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
6    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
18    2607:f8b0:4006:809::2001 (None, )

ASN- ()
tpc.googlesyndication.com
3    2607:f8b0:4006:80a::2002 (None, )

ASN- ()
www.googletagservices.com
1    216.200.232.249 (None, )

ASN- ()
sync.mathtag.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    37.230.131.22 (None, )

ASN- ()
dm-eu.hybrid.ai
2    207.198.113.204 (None, )

ASN- ()
pixel-sync.sitescout.com
1    54.159.252.56 (None, )

ASN- ()
sync.crwdcntrl.net
4    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    23.192.31.127 (None, )

ASN- ()
secure-assets.rubiconproject.com
4    2600:9000:2506:de00:1d:d7f6:39d2:2dc1 (None, )

ASN- ()
m.media-amazon.com
1    199.38.167.131 (None, )

ASN- ()
p.rfihub.com
5    162.248.18.37 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
2    52.0.82.32 (None, )

ASN- ()
thrtle.com
1    2620:112:f002:bbbb::21 (None, )

ASN- ()
ad.turn.com
2    3.214.203.148 (None, )

ASN- ()
ads.avct.cloud
1    141.226.224.48 (None, )

ASN- ()
sync.taboola.com
1    104.18.11.47 (None, )

ASN- ()
cdn.indexww.com
2    69.16.175.42 (None, )

ASN- ()
tg1.aniview.com
player.avplayer.com
5    2607:f8b0:4006:80e::2001 (None, )

ASN- ()
cdn.ampproject.org
1    52.95.115.196 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    52.203.157.217 (None, )

ASN- ()
track1.aniview.com
1    2607:f8b0:4006:816::200a (None, )

ASN- ()
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
76 hindustantimes.com
www.hindustantimes.com — Cisco Umbrella Rank: 28533
images.hindustantimes.com — Cisco Umbrella Rank: 62533
dap.hindustantimes.com — Cisco Umbrella Rank: 116247
api.hindustantimes.com — Cisco Umbrella Rank: 69656
personalize.hindustantimes.com — Cisco Umbrella Rank: 262486
affliate-api.hindustantimes.com — Cisco Umbrella Rank: 338744
1 MB
39 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
227 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com
82 KB
27 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
dsum.casalemedia.com
23 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
192 KB
19 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2335
usersync.gumgum.com
6 KB
18 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
pixel.rubiconproject.com
30 KB
17 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
ow.pubmatic.com — Cisco Umbrella Rank: 4018
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
image6.pubmatic.com — Cisco Umbrella Rank: 1037
image2.pubmatic.com
simage2.pubmatic.com
187 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
data.adsrvr.org
6 KB
11 google.com
ampcid.google.com — Cisco Umbrella Rank: 2680
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
2 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1416
x.bidswitch.net — Cisco Umbrella Rank: 427
4 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
89 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
ce.lijit.com — Cisco Umbrella Rank: 1417
8 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
acdn.adnxs.com — Cisco Umbrella Rank: 806
24 KB
8 webengage.com
ssl.widgets.webengage.com — Cisco Umbrella Rank: 46506
wsdk-files.webengage.com — Cisco Umbrella Rank: 23714
c.webengage.com — Cisco Umbrella Rank: 10422
afiles.webengage.com
73 KB
7 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 12101
ssbsync-us.smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
4 KB
6 tapad.com
pixel.tapad.com
1 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
5 KB
6 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 113793
www.google.ca — Cisco Umbrella Rank: 8003
adservice.google.ca — Cisco Umbrella Rank: 14238
2 KB
5 ampproject.org
cdn.ampproject.org
110 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
1 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 974
us-u.openx.net
1 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
sync.crwdcntrl.net
23 KB
4 media-amazon.com
m.media-amazon.com
12 KB
4 creativecdn.com
creativecdn.com
1 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 9425
ads.yieldmo.com
2 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 8170
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 10516
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
2 KB
3 googletagservices.com
www.googletagservices.com
146 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
2 KB
3 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 535
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
191 KB
3 gstatic.com
fonts.gstatic.com
42 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
3 KB
2 aniview.com
tg1.aniview.com
track1.aniview.com
7 KB
2 avct.cloud
ads.avct.cloud
1 KB
2 thrtle.com
thrtle.com
686 B
2 sitescout.com
pixel-sync.sitescout.com
1 KB
2 360yield.com
ad.360yield.com
644 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
1 KB
2 pswec.com
t.pswec.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
cdn.indexww.com
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
960 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 822
stags.bluekai.com
896 B
2 adsolut.in
cpm.adsolut.in — Cisco Umbrella Rank: 132434
534 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
457 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 477
772 B
1 googleapis.com
fonts.googleapis.com
977 B
1 avplayer.com
feed.avplayer.com Failed
player.avplayer.com
198 KB
1 linkedin.com
px.ads.linkedin.com
730 B
1 taboola.com
sync.taboola.com
310 B
1 turn.com
ad.turn.com
518 B
1 rfihub.com
p.rfihub.com
792 B
1 hybrid.ai
dm-eu.hybrid.ai
460 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
660 B
1 mathtag.com
sync.mathtag.com
671 B
1 deepintent.com
match.deepintent.com
222 B
1 technoratimedia.com
sync.technoratimedia.com
3 KB
1 ipredictive.com
sync.ipredictive.com
465 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
568 B
1 tidaltv.com
sync.tidaltv.com
197 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
35 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3483
424 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
149 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
531 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1151
355 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 2272
665 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
723 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 3978
549 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 621
450 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 2828
403 B
1 webengage.co
8261785d.webengage.co — Cisco Umbrella Rank: 266848
2 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1617
511 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1521
201 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 187
2 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2090
24 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 776
14 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
2 KB
1 htmedia.in
analytics.htmedia.in — Cisco Umbrella Rank: 141581
28 KB
0 socdm.com Failed
tg.socdm.com Failed
347 88
Domain Requested by
58 www.hindustantimes.com www.hindustantimes.com
28 s.amazon-adsystem.com 2 redirects www.hindustantimes.com
ssum-sec.casalemedia.com
s.amazon-adsystem.com
u.openx.net
bh.contextweb.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
ce.lijit.com
ads.pubmatic.com
eus.rubiconproject.com
20 cm.g.doubleclick.net 14 redirects bcp.crwdcntrl.net
u.openx.net
sync-amz.ads.yieldmo.com
rtb.gumgum.com
eus.rubiconproject.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.hindustantimes.com
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
18 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
18 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
13 securepubads.g.doubleclick.net www.hindustantimes.com
www.googletagservices.com
10 match.adsrvr.org 10 redirects
10 www.google-analytics.com www.hindustantimes.com
www.googletagmanager.com
9 x.bidswitch.net 8 redirects
9 www.google.com 2 redirects www.hindustantimes.com
securepubads.g.doubleclick.net
8 ssum-sec.casalemedia.com 1 redirects www.hindustantimes.com
ssum-sec.casalemedia.com
s.amazon-adsystem.com
rtb.gumgum.com
js-sec.indexww.com
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 pixel.tapad.com 4 redirects sync-amz.ads.yieldmo.com
ads.pubmatic.com
6 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
6 dap.hindustantimes.com www.hindustantimes.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 ads.pubmatic.com www.hindustantimes.com
s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
5 api.hindustantimes.com www.hindustantimes.com
4 image2.pubmatic.com ads.pubmatic.com
4 m.media-amazon.com
4 creativecdn.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 rtb-csync.smartadserver.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 b1sync.zemanta.com 4 redirects
4 match.prod.bidr.io 4 redirects
4 c.webengage.com ssl.widgets.webengage.com
4 secure.adnxs.com 4 redirects
4 googleads.g.doubleclick.net 1 redirects www.hindustantimes.com
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
4 www.google.ca www.hindustantimes.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 us-u.openx.net 1 redirects u.openx.net
3 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 sync.adkernel.com www.hindustantimes.com
rtb.gumgum.com
sync.adkernel.com
3 pagead2.googlesyndication.com www.hindustantimes.com
tpc.googlesyndication.com
3 eb2.3lift.com 2 redirects ads.pubmatic.com
3 um.simpli.fi 3 redirects
3 ib.adnxs.com 1 redirects www.hindustantimes.com
acdn.adnxs.com
3 ow.pubmatic.com www.hindustantimes.com
ssum-sec.casalemedia.com
3 c.amazon-adsystem.com www.hindustantimes.com
3 www.googletagmanager.com www.hindustantimes.com
3 personalize.hindustantimes.com www.hindustantimes.com
3 fonts.gstatic.com www.hindustantimes.com
fonts.googleapis.com
3 sb.scorecardresearch.com 1 redirects www.hindustantimes.com
2 ads.avct.cloud 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 ad.360yield.com 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 t.pswec.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com www.hindustantimes.com
2 amazon-tam-match.dotomi.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 cm.adgrx.com 2 redirects
2 wsdk-files.webengage.com 8261785d.webengage.co
ssl.widgets.webengage.com
2 affliate-api.hindustantimes.com www.hindustantimes.com
2 cpm.adsolut.in www.hindustantimes.com
sync.adkernel.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev www.hindustantimes.com
2 bcp.crwdcntrl.net www.hindustantimes.com
tags.crwdcntrl.net
2 tags.crwdcntrl.net www.hindustantimes.com
2 bam.nr-data.net www.hindustantimes.com
2 stats.g.doubleclick.net www.hindustantimes.com
2 images.hindustantimes.com www.hindustantimes.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 track1.aniview.com www.hindustantimes.com
1 player.avplayer.com www.hindustantimes.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 tg1.aniview.com securepubads.g.doubleclick.net
1 afiles.webengage.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 simage2.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 p.rfihub.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 dm-eu.hybrid.ai 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.tidaltv.com
1 acdn.adnxs.com www.hindustantimes.com
1 js-sec.indexww.com www.hindustantimes.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 adservice.google.com www.hindustantimes.com
1 adservice.google.ca www.hindustantimes.com
1 ap.lijit.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 onetag-sys.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cs.media.net 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 aa.agkn.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 8261785d.webengage.co www.hindustantimes.com
1 a.teads.tv www.hindustantimes.com
1 hbopenbid.pubmatic.com www.hindustantimes.com
1 prg-apac.smartadserver.com www.hindustantimes.com
1 grid.bidswitch.net www.hindustantimes.com
1 secure.cdn.fastclick.net www.hindustantimes.com
1 ping.chartbeat.net
1 ssl.widgets.webengage.com www.hindustantimes.com
1 aax.amazon-adsystem.com www.hindustantimes.com
1 www.googleadservices.com www.hindustantimes.com
1 static.chartbeat.com www.hindustantimes.com
1 js-agent.newrelic.com www.hindustantimes.com
1 cdn.jsdelivr.net www.hindustantimes.com
1 ampcid.google.ca www.hindustantimes.com
1 analytics.htmedia.in www.hindustantimes.com
1 ampcid.google.com www.google-analytics.com
0 feed.avplayer.com Failed tg1.aniview.com
0 tg.socdm.com Failed rtb.gumgum.com
347 138
Subject Issuer Validity Valid
www.hindustantimes.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-16 -
2023-10-05		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.hindustantimes.com
Amazon RSA 2048 M02		 2023-04-04 -
2024-05-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
api.hindustantimes.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-09		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
webengage.com
Cloudflare Inc ECC CA-3		 2023-03-23 -
2024-03-22		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
adsolut.in
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
webengage.co
Amazon RSA 2048 M01		 2023-02-28 -
2023-08-02		 5 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
ml314.com
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
sharethis.com
Amazon RSA 2048 M01		 2023-02-09 -
2023-07-20		 5 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.webengage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-05 -
2023-05-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-06 -
2023-10-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-19 -
2023-06-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-26 -
2023-10-14		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.aniview.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-14 -
2023-08-14		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 49 frames:

Primary Page: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Frame ID: 30937C9EB61F26F443DBFA8ED60B66A5
Requests: 153 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=16343
Frame ID: F0BA6DEEEEF7E727DBC467B379EE6EA3
Requests: 1 HTTP requests in this frame

Frame: https://8261785d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=8261785d
Frame ID: 1710110797C801BBFA661382891F47F8
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Frame ID: 2D382EA0168740CDEB78FD3DDF2160EF
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: FCF943FB8F44B87A470EB3064D149C91
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 7E2DBA35EFF245A026B0F86BB3FF51F4
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BD82A039058B109C399084DB2BDA49DF
Requests: 9 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: AD09235CD1D11813315EAB9838D1FA4C
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: B08DDF8EDDE3E10B8E045AE0AF8F5AB5
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: F766B3E35DA034E1F90254EB2A6318DC
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5539071858692007168&gdpr=0&gdpr_consent=
Frame ID: 6CCBEACE8E4D02B0DD64B2615A099F05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAF17eoD831RQMjvLsaAAAAAAA&expiration=1682911020&is_secure=true
Frame ID: C580DDEFB981FE9917A6B3A3C95C77BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: FB82C508A68FD5ED1D594BE9DD0152F8
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 7E4E992B5038D90BEF8953612D2578AD
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: D2C1FD62E2E39963FD8CF5B1F52D6D9D
Requests: 12 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: A2880305B82D6CA867834C11FD92EE74
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5228208061499362106&ex=appnexus.com
Frame ID: 0A898998B306FAD844B1E1AA5437619F
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 34DBD5C23383A763B7C6094A3F252A32
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2282483648371981074416
Frame ID: A8C2B700A1175AAF8691260AF168D045
Requests: 1 HTTP requests in this frame

Frame: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9B008B26FA3BA105DF48BD29864AFC2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B78F524BB5F01492EE4ADC915A11E551
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CC3A0A453DE97BF6F73C65CB0C6B731
Requests: 3 HTTP requests in this frame

Frame: https://cpm.adsolut.in/user-synced?zone=153116&uid=A8322413069602550473
Frame ID: 9BE06C3CA57FC003911DB00DA2D3E6F7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156370
Frame ID: 8633E0D26D1C81D339F6755B442108B6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfUMEQLnNB7F8CTtmpn4LrV0eEFa9biVNeWsljiJe86jO4jTPMtaCGnPpqOjLlzpBZL9g8FQFG9KLF7ro7Pbe6Jhd1kqcV2slsaZG6BsTOHMtRZSrdErgJoZAugQ0weTyZY0unK5udpnmoSgWwu1jTv1DHMQNqm1HeljuYyM6cF4wObQ_5TNa3Rxx4jPQWfXAjzLbtHT7iNA6NPmYrQGIB4-YMQDtWAT7XI5uZ129_CdlJpTnv-hSyfe28h-KlOUhuk8WwgaSe-QR0hDvnfbwyFsceloA3P5aTz-ptX1hHcAvcjvGJbqTubJ5PzOQyBlGyyqLmKQDVFpqCvPJ-a1Y0Ru5zYMki6T0DL2ktz2CF_-jBp4DdOnZeCzgzqRloVHHKtCs&sai=AMfl-YSi3t-NjfimhFFlWq7H4NB7nrj1n5WZXZDm2QJr6UleKBrtjcrp7_155SHARS1NCAkEMENVgpJvW0mnKJb3-m4349pA5isfmE-5JTCJkTuTsQzS1CxY2RfclRcVyw&sig=Cg0ArKJSzEhz_WHakUWXEAE&uach_m=[UACH]&adurl=
Frame ID: E4489F30E34EE90419E79472C2CE97BD
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJPhN8WsvVlod_U3uWOiWP-fcP5jb9gX6q4SCPk_v0XSmmJV57mHmt_lzRSE9JxY9FmVndgkVS90BrFeLAGLpwUy6r7h4srFK4jLXu8UUzgBJTs_duScc33v8o6znDJmGEmqzfeLmUKTWVhc2SSMXVXIsDp4-eSXBdBVswTOPv3zH4LcG4rZ5Kyvk7NUzg3Rpfl0PZ7pvMLOfNwksPjPfW48Z8P4kQhlxI7y83pNxNy7aDixT77qAdnwPG3DADG9LBppZv0i86F9TPxiXzuygXH-Gpy6NJDyivTCH_9XT4B0637Q8Bd4KvQBF6nOmAEM8NZmQm5U_Q-13WGO18HVWbK1RoSxfkkoWNLYjKr-KBYDunBOqjjQoAbJsuD6YJMrq7IX0&sai=AMfl-YSCwerkQf6874di8kLb_dtLiwpN3ZNnX8Rk-uevxD9bMvLPpPI42EccwUhtayke7VC7q8wwBFN-hU-u7bBc_UKuNJe6MHm7MeCVgeBxA0PqJWLYUtCmPlNNVeJC5A&sig=Cg0ArKJSzLdX4h_4W8ajEAE&uach_m=[UACH]&adurl=
Frame ID: 74ECC95547E9389E2DFB19680EC0D856
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=b8aa644d-ddac-4200-9e46-df8bdf303fe7&gdpr=&gdpr_consent=
Frame ID: 9DB3DED4F6EA65AF0B350256D594AD23
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 99FC25FE41215E2FCB50295E9456168D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZE3drAAGheToBABa&gdpr=&gdpr_consent=
Frame ID: B123910FCC484A8BBB34FAD671A07488
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8zNDliZTlhMS00MjBmLTRkZTctYmZmNC0wZmU2MWU5MWE4NWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0A14DA5121EF4C871E795B2B517528AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 1FF7BC1F71CC392D3E32C8103220BCA8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
Frame ID: 7B7FE7F814017B09C77A10DE7A009196
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 1C5071FAD55DC8A6E59547802022F864
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=6a267f58-9a27-4b1f-b242-d1be8c09a1de
Frame ID: 44399A6DA9FF89CC49C4530836C8B368
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 56660FF367206334C4BC8426C4A7EE64
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Sgwg2la3C3RuQ141fRFL&pi=gumgum&tc=1
Frame ID: F9805AE83C584B9A2BDB9DC9125C2484
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5421E443C31E0740EAD234A0171A16AA
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D22C233A29565859C23F40E43EECA0FB
Requests: 10 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: A180E7B9E7F599B66C4EF53B1FCAB736
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188715267948443
Frame ID: EED77DD984E40688202E9F5BFABB13D4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1EC31412-D5A5-431C-B807-57F99054DBF9
Frame ID: E518CBBB2F7CBF3BA82F11503FCF0223
Requests: 1 HTTP requests in this frame

Frame: https://afiles.webengage.com/8261785d/211246f4-5e07-41d9-95a4-26a1e09bb405.png
Frame ID: 99752DE28E16D585A2B9B04C2672AB07
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AA1BD4BE3C4799234533EF0A8F61EB8B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFCB00F1185945F6BB807F75BB9D253E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcL7N4CyPEOKfeBo_aR8D-nl2oaXO0EKzV8e07e-RAsFRdyOrIqBuuVHRlnleWssyZ7Roat9BiZtqpwYZUHlnj7yqQSCeKcAwKF_Ya-emM8GT2vRW6YSrumjcvKv5sBPKSzbZBpOVQHRI4rRl1GbWLR7jPCetBMh3_menW0WJ3YUd53UNK307D4S6Q8d6RK6oAJHvhzKWi-N8motPrJUAwi2A4ijqRBrYj-mWL8QADnsuIQ72SdizIQp1jSIKS3ilf3rHNpXCaguI3y0dcvxfw8JcvKz2UMEVHaM8_P8XByk3AjwmQBGmwvnXnwQbYXeC_JSaJURZgcAFkjDYdirR3OnDSPcva-A4dYouQ4M5W_G0U_J-Q9s0WhqYk6Q&sai=AMfl-YSFETm5OYs0nUFlQktFhy3Su9JtsO_Eg0cE-C6DnGgM12wz9-0B2DYyScgwDt1qtINPnYVHx5v2WrMpitAdnWbRmGipzvRn02WY5T8o6WahV7wPRfY8Ey5bDEELrGxJ9WE72vyAOU2fvN3EbmK63G8&sig=Cg0ArKJSzMdCixRHzJmUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 11A33C9E91414B6196085DE5BE384393
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022304132133000/amp4ads-v0.mjs
Frame ID: B414F6D3E52C3CF63FC467013CE897AC
Requests: 12 HTTP requests in this frame

Frame: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 003343776DF1FEC0468A9C5FE691FD1B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html
Frame ID: DF4D84D85EC30BA47DED04ACA6891DEF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: CE2E34A541D82CE84EC1972690C1D414
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft says it found malicious software from SolarWinds in its systems - Hindustan Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

347
Requests

77 %
HTTPS

31 %
IPv6

88
Domains

138
Subdomains

90
IPs

5
Countries

2834 kB
Transfer

8933 kB
Size

139
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&c9=
Request Chain 122
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&auid=1411037945.1682824620&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=q91NZIL7K4WXNezYgOgL&sscte=1&crd=&eitems=ChAI8ICzogYQ_47m4sv_47ttEh0AI5nQcjhJ9Kwgs9VhWOV_ubd0kdYOTniO4MtcnQ&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhNcWpLcHJWcnBCY1BvZmxXYzRCYkFMWXhpWXRGNnBXSEdUNzA2UUtQQnplTUEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc4a0FwU0FQWFdCZjA3REJLYndmNXFSRURTLWZDMkxjZ1lJMkVBMjBPZnh4UENESDVRQlhLOVh6Zw HTTP 302
  • https://www.google.com/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&auid=1411037945.1682824620&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhNcWpLcHJWcnBCY1BvZmxXYzRCYkFMWXhpWXRGNnBXSEdUNzA2UUtQQnplTUEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc4a0FwU0FQWFdCZjA3REJLYndmNXFSRURTLWZDMkxjZ1lJMkVBMjBPZnh4UENESDVRQlhLOVh6Zw&is_vtc=1&ocp_id=q91NZIL7K4WXNezYgOgL&cid=CAQSKQBygQiD0bXaTX23BMnoPgJs7PhTNDOSJvnYAMYN0Ugq01LzlnfIx4Gl&eitems=ChAI8ICzogYQ_47m4sv_47ttEh0AI5nQcv6nG7tqOwrGMChJyuxnbup5dPdlUe1Zjw&random=1618632219 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&auid=1411037945.1682824620&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhNcWpLcHJWcnBCY1BvZmxXYzRCYkFMWXhpWXRGNnBXSEdUNzA2UUtQQnplTUEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc4a0FwU0FQWFdCZjA3REJLYndmNXFSRURTLWZDMkxjZ1lJMkVBMjBPZnh4UENESDVRQlhLOVh6Zw&is_vtc=1&ocp_id=q91NZIL7K4WXNezYgOgL&cid=CAQSKQBygQiD0bXaTX23BMnoPgJs7PhTNDOSJvnYAMYN0Ugq01LzlnfIx4Gl&eitems=ChAI8ICzogYQ_47m4sv_47ttEh0AI5nQcv6nG7tqOwrGMChJyuxnbup5dPdlUe1Zjw&random=1618632219&ipr=y&prhg=0
Request Chain 123
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Request Chain 128
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 146
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Request Chain 149
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Request Chain 150
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5228208061499362106
Request Chain 151
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE3drD4L2EtJ03xMOguA5AAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZE3drD4L2EtJ03xMOguA5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259297245386
Request Chain 152
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=78ccb038-e705-11ed-82fe-30dce8bdf4b3
Request Chain 157
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4dc13655-7864-4f56-8e77-3f84a75178d6
Request Chain 158
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258262201455395000V10
Request Chain 159
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAAz7E7Im7sAACF9d1f_9Q&ex=beeswax.com
Request Chain 160
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=e1e6a3c038967f34ccf1f8b429c14399
Request Chain 161
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=a25f37be
Request Chain 163
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=750B201F00374D3C9EC50C19E920AA21&ex=simpli.fi&status=ok
Request Chain 164
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ESUImoe5nChfpHFV_GHT
Request Chain 167
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 168
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5539071858692007168&gdpr=0&gdpr_consent=
Request Chain 169
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7c131bdd1e231072&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAF17eoD831RQMjvLsaAAAAAAA&expiration=1682911020&is_secure=true
Request Chain 173
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5228208061499362106&ex=appnexus.com
Request Chain 175
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 176
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2282483648371981074416
Request Chain 183
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Request Chain 186
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Request Chain 187
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698635820&external_user_id=a45763cc-4f79-4147-9298-8ac5eafda2e1
Request Chain 189
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bi9sRiiwWD1K7xIXMFDTrZU4mbk
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZE3drAAGheToBABa HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa&_test=ZE3drAAGheToBABa
Request Chain 198
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAz7E7Im7sAACF9d1f_9Q&gdpr=0
Request Chain 199
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent=
Request Chain 200
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ngQga9H8aoaq&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 201
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b92640b-6700-4192-92ac-f56bd806be70&gdpr=0&gdpr_consent=
Request Chain 205
  • https://match.adsrvr.org/track/cmf/openx?oxid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0&gdpr_consent=
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPgkKbfyYJ1HVVfRaGd37Y&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MlVtaENNUnhMdEJ6dlpvNnRXc2lHUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGDg6PatSMHXpthFWnoD0Xo&google_cver=1
Request Chain 211
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3b25f4e109ac1060&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIulOa4EBlIgMMOEt6AAAAAAA&expiration=1682911020&nuid=&is_secure=true
Request Chain 213
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5228208061499362106
Request Chain 214
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=a2100230-3207-41b4-845f-466189cf5828&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 215
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%2864VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%2864VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&obuid=ENC(64VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=64VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=4dc13655-7864-4f56-8e77-3f84a75178d6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&ssp=outbrain&bsw_param=4dc13655-7864-4f56-8e77-3f84a75178d6 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 216
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=81b79087-4ac7-0249-37a4-26c0055d9f9c
Request Chain 217
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Request Chain 218
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-W6i3dFNE2pecY6nyIziSG09.j6xVuEHjJiso~A
Request Chain 219
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c79ccfdb-d24b-4fe5-8e25-4768c5a15144
Request Chain 220
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Request Chain 222
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ESUImoe5nChfpHFV_GHT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCVGVKJNVXWKNLOINUGM4CIIZLF6R2IKQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCVGVKJNVXWKNLOINUGM4CIIZLF6R2IKQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=ESUImoe5nChfpHFV_GHT
Request Chain 223
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=bbe711ff-0958-43d1-a2ae-12ea1e8a0fe1
Request Chain 224
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ngQga9H8aoaq&ev=1&pid=558355
Request Chain 225
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=123648273493992716
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEGNMfpuZeTsuSLVSkVQxBA8&google_cver=1
Request Chain 229
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH2UBVNW-24-42XM
Request Chain 230
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g7e5de49f3d7225ba876 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g7e5de49f3d7225ba876 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
Request Chain 231
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g7e5de49f3d7225ba876 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=b8aa644d-ddac-4200-9e46-df8bdf303fe7&gdpr=&gdpr_consent=
Request Chain 248
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE3drAAGheToBABa&gdpr=&gdpr_consent=
Request Chain 251
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
Request Chain 253
  • https://cs.admanmedia.com/sync/gumgum?puid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=6a267f58-9a27-4b1f-b242-d1be8c09a1de
Request Chain 255
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153116%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=153116&dsp=520869&t=image&uid=c00c3da12606d9a78549
Request Chain 257
  • https://um.simpli.fi/lj_match?r=1682824620607&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=750B201F00374D3C9EC50C19E920AA21
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=
Request Chain 259
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=Sgwg2la3C3RuQ141fRFL&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 260
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5228208061499362106&gdpr=0&gdpr_consent=
Request Chain 261
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=
Request Chain 264
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Sgwg2la3C3RuQ141fRFL&pi=gumgum&tc=1
Request Chain 265
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 275
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188715267948443
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HsMUEtWlQxy4B1f5kFTb-Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 278
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1EC31412-D5A5-431C-B807-57F99054DBF9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
Request Chain 280
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1de8fb0e-c49b-4e27-9dff-f3522c4d1540
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUVDMzE0MTItRDVBNS00MzFDLUI4MDctNTdGOTkwNTREQkY5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKO7zWNkbnZN9YvF0l55YHg&google_cver=1
Request Chain 283
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:750B201F00374D3C9EC50C19E920AA21
Request Chain 284
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7035511301371244188&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Request Chain 287
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Request Chain 288
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416621&gdpr=0&gdpr_consent=
Request Chain 289
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ec64dd5e-e417-4ad3-be4f-a40fc68e043f&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 290
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa
Request Chain 291
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&expiration=1714447021
Request Chain 292
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3drD4L2EtJ03xMOguA5AAA%263851&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7c689596-9a14-4ec5-b113-99c94e6cbc40-tuctb47632d
Request Chain 300
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LH2UBVOH-11-A39I HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LH2UBVOH-11-A39I&ex=d-rubiconproject.com&status=ok
Request Chain 318
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyVUJWT0gtMTEtQTM5SQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDCch21M4vNQFp9_86J4Eek&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVUJWT0gtMTEtQTM5SQ==&google_push=
Request Chain 319
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g71-3bWDSga1MNm5C4XPqA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g71-3bWDSga1MNm5C4XPqA
Request Chain 320
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Xreco49mpJzZnNKaBpcH8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KLssO4lE2oJUTBtHcK.CQyVSO9wSkbHMaVn8QQ--~A
Request Chain 322
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=&expires=30
Request Chain 323
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UBVOH-11-A39I
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBh8T0ZtbegRCvERxoQfeVg&google_cver=1
Request Chain 325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LH2UBVOH-11-A39I HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LH2UBVOH-11-A39I
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQzZDA1ODdkYTJkOTNmNzQ3MWZhMTRkYzk3NTgzNzAzMTVhOWQ2ZA
Request Chain 340
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

347 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request story-AcYtEwmLM9MGZBFXldoJyH.html
www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/ 		695 KB
120 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bc71e5ba4f8deb2107667a1851c7c4a4b72acf456be9738a708c7eec205ff410
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
cachettl
content-encoding
gzip
content-language
en-CA
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 03:16:56 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-server
ip-10-136-167-10.ap-south-1.compute.internal
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 01:22:23 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6873
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 03:22:23 GMT
blacker_pro_display-heavy-webfont.woff2
www.hindustantimes.com/static-content/1y/2023/ht-images/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/1y/2023/ht-images/blacker_pro_display-heavy-webfont.woff2
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ca5bc04162ed13edc29d641176de3ea070266f5632f454d8805910e560a3430
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Origin
https://www.hindustantimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
ZFD7FMPJQSRD9683
cachettl
content-length
23016
x-amz-id-2
iZyjrecmbP/bMt2dLelddAVcydcItCQEe5+N68E6GZL8aEXHOlvf439eubFZ68mQCd+cfi4HzNg=
last-modified
Tue, 10 Jan 2023 12:15:38 GMT
server
AmazonS3
etag
"a71439dab7d44c3322b839f0928ed658"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.134.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-134-52.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:27:05 GMT
content-encoding
gzip
via
1.1 9614fd760660834f20ac759cf94964b6.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P7
age
53392
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
wBwwXHQPnVlVeXd9B4qU1CeBsOJIQN5x3Wm1pQR7JB3Qbffhs41_mQ==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
roadblock_ad_write.json
www.hindustantimes.com/static-content/5m/roadblock/prod/ 		110 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/5m/roadblock/prod/roadblock_ad_write.json
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3756c78fb8134d5e34d76107dfdaba284d58d1a7e004b0469129ce15fbc99aea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
TMNM167JR3QTM6FE
x-amz-server-side-encryption
AES256
cachettl
content-length
107
x-amz-id-2
3dbCwVG1IYDNcNQnPADdG3WyyQjR4mzsvnXz+DVqbP/Vb5Zdr4p3pP1zxyClEKgKbEeWYTWcDfolPQQrMZwUFw==
last-modified
Sun, 30 Apr 2023 03:15:01 GMT
server
AmazonS3
etag
"91deb9a530e27ecfeb2e6403c290dcc9"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/JSON
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
ht-logo.svg
www.hindustantimes.com/res/images/ 		17 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/ht-logo.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a3afa0016e3a853cf2c6859dc00dd0261c5d325699ecf085f38f57afb963fc19
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 11:43:03 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-167-210.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
6319
exciting-deals.svg
www.hindustantimes.com/res/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/exciting-deals.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fd34606e000073feb2becb9c588e190331d69bfd45fe7f056160f29d187bc6d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-47.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
2114
white-close-icon.svg
www.hindustantimes.com/res/images/ 		461 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/white-close-icon.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5efd225c130d072976c1ffa23f08703131dd2a6a7dea9cf3b05a11e09dbfc164
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-167-10.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
251
crown-icon.svg
www.hindustantimes.com/static-content/1y/2021/ 		896 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/2021/crown-icon.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dab9f5c68c52109c9128437b2c46c019e67bec2dfae150012457a91235910e33
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
P8KMDXSM0G9CNXV9
cachettl
content-length
478
x-amz-id-2
asRCo5JF/H7OvfJjAsTAS/KIx7HEQkQHc2maYqfNihXZ8v7DIMFaz295MPu2NZD86vXRJkD8PJM=
last-modified
Tue, 28 Dec 2021 09:27:48 GMT
server
AmazonS3
etag
"794a26eeec579da8590f66129131d90c"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
1x1.jpg
www.hindustantimes.com/static-content/1y/ 		44 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/1x1.jpg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
041e987f5c4f8db84e964673ced0b32ad0459d28a4b42e8d463b72e0b90db4e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:12:16 GMT
server
Akamai Image Manager
etag
"ebdd70c81db40cccb82b11f679314b2b"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET,OPTIONS
cache-control
max-age=7776000
cachettl
content-length
63
expires
Wed, 28 Jun 2023 10:12:26 GMT
close_game.svg
www.hindustantimes.com/static-content/1y/ 		534 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/close_game.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52aed4109d144187ebc958b55f0e1f4ab04db3aca8f3f580a601f229d1a076aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
VRF8G0MQ5YTNRVQC
cachettl
content-length
284
x-amz-id-2
R0mbxv08RPna2Uv6xLdi47Nd4b1NqbsyvIgl04F/fbaQpigt73BscK+fMsIYSbnLuSgVEWp2c8I=
last-modified
Wed, 08 Sep 2021 12:44:32 GMT
server
AmazonS3
etag
"5499494ad602064f6266dd82cf489d2a"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
ht-sprite-5.svg
www.hindustantimes.com/static-content/1y/2023/ht-images/ 		189 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/2023/ht-images/ht-sprite-5.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
108b2370e908cf20ba094dbd83fcde2e366548d19165170fd6f1798f1340dd5e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
822KV7DJ9PGEFCV4
x-amz-server-side-encryption
AES256
cachettl
content-length
114477
x-amz-id-2
eamUtnf4vsgsaYPWCw1UzkbVYZWlGpnQ6m+pjNO+MCGDFN+oPDtDXF2VOcFgAONOH24wm6vMnKI=
last-modified
Fri, 03 Feb 2023 05:49:38 GMT
server
AmazonS3
etag
"cb8271079da9fa79d4db973afbf0c956"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
weather-icon1.svg
www.hindustantimes.com/res/images/ 		634 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/weather-icon1.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fd3132352a228ef8c8b7b1adda7fa34fe1986695b8d40037075d61e9d0ac11ad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 06:10:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-10.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
357
york-microsoft-store-manhattan-pictured-borough-city_64b2e70e-40f7-11eb-ba42-7bdceb016500.jpg
images.hindustantimes.com/rf/image_size_630x354/HT/p2/2020/12/18/Pictures/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.hindustantimes.com/rf/image_size_630x354/HT/p2/2020/12/18/Pictures/york-microsoft-store-manhattan-pictured-borough-city_64b2e70e-40f7-11eb-ba42-7bdceb016500.jpg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:791::1833 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Server /
Resource Hash
cac323bf2793f6de192a3938b7be19ade41fc7e6fdb4d03ab04719e0a58e4285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:58 GMT
last-modified
Tue, 22 Dec 2020 01:00:04 GMT
server
Akamai Image Server
etag
"ca82f27ee2b7e1a5b84db02814481bc0"
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=300
x-akamai-note
original-image
content-length
32930
expires
Sun, 30 Apr 2023 03:21:58 GMT
require.min.js
www.hindustantimes.com/res/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/require.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 08:13:52 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-14.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
6575
tracker.js
analytics.htmedia.in/analytics-js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.htmedia.in/analytics-js/tracker.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:d:5a7::1833 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
494b1cf9a1f2b1b4cbd127077a383aea34ccbcedf7ed6d02da42d2332f726d45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 13:14:23 GMT
server
AkamaiNetStorage
etag
"f044b17787475e34bc126c8b060e0cb0:1677071663.140103"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
28358
expires
Sun, 30 Apr 2023 03:46:57 GMT
google-follow-new.png
www.hindustantimes.com/static-content/1y/2023/ht-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/2023/ht-images/google-follow-new.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cbdc9209467644b036aee461ce823bb651862f7c5d158048946ef4fd34e06bbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:30:18 GMT
server
Akamai Image Manager
etag
"f7c5c48a6bf1f93da75c683136f17e44"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET,OPTIONS
cache-control
max-age=7776000
cachettl
content-length
1831
expires
Wed, 28 Jun 2023 10:31:46 GMT
dropdown-arrow.svg
www.hindustantimes.com/res/images/ 		297 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/dropdown-arrow.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31abf3ae8d53b7cc03c6e16e3d8fe6f82e7b43eef82483e35763eee4710e7b77
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 06:10:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-224.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
229
right-arrow.png
www.hindustantimes.com/static-content/1y/2023/ht-images/ 		196 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/static-content/1y/2023/ht-images/right-arrow.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8fe7ed16f09514c31cd8090ae2f0dd3f669e4ace78259bd9e20c1b710a3dffab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:19:06 GMT
server
Akamai Image Manager
etag
"3ca1771187d927cf0dad6f67b524b9d1"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET,OPTIONS
cache-control
max-age=7776000
cachettl
content-length
183
expires
Wed, 28 Jun 2023 10:18:55 GMT
my-offer-icon.svg
www.hindustantimes.com/res/images/ 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/my-offer-icon.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9245e02150be964f8594f30608ecd1783700ca2147b6e569347e792e7d608031
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-108.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
1142
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-ma...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-m...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&c9=
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Server
18.172.134.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-134-52.ord56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
via
1.1 9614fd760660834f20ac759cf94964b6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P7
x-amz-cf-id
DKPkNt1K6xFbrihO2ePcjGuQ7jvW3uS8w_M4tpfwv5BgVeFawSJfdQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 30 Apr 2023 03:16:56 GMT
via
1.1 9614fd760660834f20ac759cf94964b6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD56-P7
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035286&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1682824616847&ns_c=UTF-8&c7=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&c8=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&c9=
content-length
0
x-amz-cf-id
NFAercWdwQ9ibrVQaH2AO5tGLTLUu2nVmzTAzjTPrTNM5OoPJxsjHA==
custom.min.js
www.hindustantimes.com/res/js/ 		228 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/custom.min.js?v1=340
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a7791b973d74b970ec64f29e654429f42b48316abc8eb394b0400da8b44c86b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 11:21:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-251.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
47790
jquery-3.5.1.min.js
www.hindustantimes.com/static-content/1y/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/1y/jquery-3.5.1.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
x-amz-request-id
8DCPC9EN141KETWT
cachettl
content-length
30950
x-amz-id-2
bRhme5NCSi+BkKpVUHdL0MfJX683wzYLGrHBFAr0RX3UeRR2uzbtawbeKYwZ9DRxdfL7LCpqRag=
last-modified
Mon, 19 Dec 2022 08:04:14 GMT
server
AmazonS3
etag
"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
common.min.js
www.hindustantimes.com/res/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/common.min.js?v=34
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
09649d1b3c5f9960482de947dfe7f0af2e7b95ec715bbac90f8a32fac453f98d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Fri, 03 Feb 2023 11:13:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-194.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
2989
lozad.min.js
cdn.jsdelivr.net/npm/lozad/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Apr 2023 03:16:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
8190
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1295
x-served-by
cache-fra-eddf8230052-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ads.min.js
www.hindustantimes.com/res/js/ 		68 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/ads.min.js?v=126
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7940c418dfe1508f8dc7869fe30b82f865040e5ac8dd14bbeb95eb4d0c7fc668
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 06:08:09 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-167-72.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
9336
env.js
www.hindustantimes.com/res/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/env.js?v=16
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
65b9197c736cc253fafd1d2b79a386d71b5facb27300a5b6f47a625916b8c5f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 15:56:20 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-194.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
1250
right-left-zone.min.js
www.hindustantimes.com/res/js/ 		36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/right-left-zone.min.js?v=8
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
20d3af8430cc216cdefa23788c8321b8e0795bbd0703588793443f507d280707
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2023 13:13:50 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-14.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
7116
jquery-ui.min.js
www.hindustantimes.com/res/js/ 		310 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/jquery-ui.min.js?v=5
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf744521e3a64c8a3ef55306f54f36d69b05442e8caadc6767c15dfc74e2edaa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 06:10:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-167-61.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
77109
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=974567561&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ht_site&ea=Story_open&el=direct&_u=aEBAAEABAAQCACAAI~&jid=1990253115&gjid=377340597&cid=1069195539.1682824617&tid=UA-1431719-1&_gid=1097292624.1682824617&_r=1&_slc=1&cd2=&cd3=business&cd4=&cd5=12182020-11%3A39%3A06&cd6=Microsoft&cd47=false&cd48=101608335843730&cd9=&cd13=747&cd49=story&z=1218978203
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hindustantimes_notification_logo.png
www.hindustantimes.com/resources/img/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/resources/img/hindustantimes_notification_logo.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:35:05 GMT
server
Akamai Image Manager
x-serial
1634
x-check-cacheable
YES
etag
"218df95f73c46723f237c1db9b21b9a5"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7776000
meta-geo
CA--QC--MONTREAL
cachettl
content-length
20
expires
Wed, 28 Jun 2023 10:35:32 GMT
new-delhi.json
www.hindustantimes.com/static-content/5m/weather/ 		501 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/5m/weather/new-delhi.json
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8351ec9aaba13e39ccfc29b7632e3ff322f2ebdc7de5e3a96ab3c6e6c4c8c345
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
x-amz-request-id
BGN8ATA4NNMXP4WS
x-amz-server-side-encryption
AES256
cachettl
content-length
334
x-amz-id-2
+cU5TKIJkocPpORobY4u4Q6TY42K1F/BTq61iPeqCPE0Dk5bgQCOzNPniJME6isKxoAiOBGyOE4=
last-modified
Sun, 30 Apr 2023 03:00:18 GMT
server
AmazonS3
etag
"b295eb108936aecba9f117dc7556dbb3"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
newsletter-archives.json
www.hindustantimes.com/res/images/json/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/images/json/newsletter-archives.json
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fcce259f8477c530ebf6534d4a4eef76a61119dbd84077dacf7ae0d36b54a20c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 13:39:40 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=274
x-server
ip-10-136-183-14.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
1576
hindustantimes_notification_logo.png
www.hindustantimes.com/resources/img/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/resources/img/hindustantimes_notification_logo.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:35:05 GMT
server
Akamai Image Manager
x-serial
1634
x-check-cacheable
YES
etag
"218df95f73c46723f237c1db9b21b9a5"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7776000
meta-geo
CA--QC--MONTREAL
cachettl
content-length
20
expires
Wed, 28 Jun 2023 10:35:32 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=974567561&t=pageview&_s=2&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAQCACAAI~&jid=&gjid=&cid=1069195539.1682824617&tid=UA-1431719-1&_gid=1097292624.1682824617&cd2=&cd3=business&cd4=&cd5=12182020-11%3A39%3A06&cd6=Microsoft&cd47=false&cd48=101608335843730&cd9=&cd13=747&cd49=story&z=2022273753
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 22:30:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17215
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
story.min.js
www.hindustantimes.com/res/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/story.min.js?v=34
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f439f9d2a85dcdc13d4fa0392e5644b74c689c570a953aca12198f6cfa82f4e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 11:21:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-14.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
2571
hindustantimes_notification_logo.png
www.hindustantimes.com/resources/img/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/resources/img/hindustantimes_notification_logo.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:35:05 GMT
server
Akamai Image Manager
x-serial
1634
x-check-cacheable
YES
etag
"218df95f73c46723f237c1db9b21b9a5"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7776000
meta-geo
CA--QC--MONTREAL
cachettl
content-length
20
expires
Wed, 28 Jun 2023 10:35:32 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=1990253115&gjid=377340597&_gid=1097292624.1682824617&_u=aEBAAEAAAAQCACAAI~&z=1923756580
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Apr 2023 03:16:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
infinite-scroll.pkgd.min.js
www.hindustantimes.com/res/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/infinite-scroll.pkgd.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b82a0c7d294927d2e659450d8bb597472b95bc0ffbee01eca8e71e90d9015b69
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:57 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 08:25:06 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-183-10.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
6894
internalSync
dap.hindustantimes.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/internalSync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.hindustantimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.hindustantimes.com
content-length
0
date
Sun, 30 Apr 2023 03:16:57 GMT
server
akka-http/10.0.9
internalSync
dap.hindustantimes.com/ 		36 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/internalSync
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
eefa5ddfaeda2700a8a0a92b2aa3a88f32dd3197c052c0f913b32a773e9a669a

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.hindustantimes.com
date
Sun, 30 Apr 2023 03:16:58 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.0.9
content-length
36
content-type
text/plain; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=1990253115&_u=aEBAAEAAAAQCACAAI~&z=866402734
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=1990253115&_u=aEBAAEAAAAQCACAAI~&z=866402734
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-spa-1184.min.js
js-agent.newrelic.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 03:16:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
BZZ4EXB2C02CN1CM
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14379
x-amz-id-2
EvFJFBfYddXjkz+9lCkDu70o2hqSM71wvpV7007BPerAbuUPRtc0a9bfwcM0NnjoBoOkHXSCHEY=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 28 Sep 2020 16:34:47 GMT
server
AmazonS3
x-timer
S1682824618.449729,VS0,VE0
etag
"6b93dbf34696df852c6d69d1652851de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
8
NRJS-777eaf04e06b2329598
bam.nr-data.net/1/ 		57 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-777eaf04e06b2329598?a=729891994&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2449&ck=0&ref=https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html&be=694&fe=2405&dc=780&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1682824616013,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:224,%22c%22:224,%22s%22:242,%22ce%22:279,%22rq%22:280,%22rp%22:578,%22rpe%22:680,%22dl%22:582,%22di%22:781,%22ds%22:781,%22de%22:781,%22dc%22:2404,%22l%22:2405,%22le%22:2407%7D,%22navigation%22:%7B%7D%7D&fp=742&fcp=742&jsonp=NREUM.setToken
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:16:58 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=iso-8859-1
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7bfca109ccae8c47-EWR
tp2
dap.hindustantimes.com/com.htdigital.streams/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/com.htdigital.streams/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hindustantimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.hindustantimes.com
content-length
0
date
Sun, 30 Apr 2023 03:16:58 GMT
server
akka-http/10.0.9
tp2
dap.hindustantimes.com/com.htdigital.streams/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/com.htdigital.streams/tp2
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 03:16:58 GMT
server
akka-http/10.0.9
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache
access-control-allow-credentials
true
content-length
2
ht-fonts.css
www.hindustantimes.com/res/css/ 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/css/ht-fonts.css?v=1
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4b9599a95b0a9a24ed1730654184cde7274cf5312980d66dc149359436a5c134
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:58 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-server
ip-10-136-183-194.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
373
styles.css
www.hindustantimes.com/res/css/ 		149 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/css/styles.css?v2=23
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1f1e1beb5ca52a2ca3b1393819ef532934d306a8038d99d2635f92d3f2d2da35
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:58 GMT
content-encoding
gzip
last-modified
Wed, 26 Apr 2023 07:53:40 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-server
ip-10-136-183-126.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
24121
NRJS-777eaf04e06b2329598
bam.nr-data.net/events/1/ 		24 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-777eaf04e06b2329598?a=729891994&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2942&ck=0&ref=https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 30 Apr 2023 03:16:59 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.hindustantimes.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7bfca10c8f6b8c47-EWR
Content-Length
24
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/ht-fonts.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/
Origin
https://www.hindustantimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:20:25 GMT
x-content-type-options
nosniff
age
68194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13976
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:20:25 GMT
ht-logo.png
www.hindustantimes.com/res/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/ht-logo.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/styles.css?v2=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ec712264cada21aa8ed5ff117d1f92bc668be0bb56fe307e3793c80c82dee5b2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/res/css/styles.css?v2=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 10:44:41 GMT
x-serial
83
server
Akamai Image Manager
x-check-cacheable
YES
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7776000
cachettl
content-length
4568
expires
Wed, 28 Jun 2023 10:44:49 GMT
register-free-icon.svg
www.hindustantimes.com/res/images/ 		3 KB
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/register-free-icon.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/styles.css?v2=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bc68313d3c2a33d167af7c8de4192538731ce689e1e9bb2ec53d9253793dcec5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/res/css/styles.css?v2=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-10.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
696
stars.svg
www.hindustantimes.com/res/images/ 		1 KB
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/stars.svg
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/styles.css?v2=23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d43b83dff12be89815c9e9d6ee53f9cf3d32d56464a7e13d603dea0a7197841
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/res/css/styles.css?v2=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Mon, 07 Nov 2022 10:02:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-183-10.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
615
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/ht-fonts.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/
Origin
https://www.hindustantimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:32:27 GMT
x-content-type-options
nosniff
age
67472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14148
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 08:32:27 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v23/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/res/css/ht-fonts.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d6adcfb38e24014d6ea4953f870f2397de4d4f7b917ac526302049d857c60f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/
Origin
https://www.hindustantimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:14:31 GMT
x-content-type-options
nosniff
age
90148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13732
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 02:14:31 GMT
101606209437749
api.hindustantimes.com/api/collections/ 		173 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hindustantimes.com/api/collections/101606209437749
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9908 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7fb5ac3c18eeeff1d289a353fc9c12d37fb75d1b0df495c11de1515dc8403e0e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
*
access-control-allow-origin
https://www.hindustantimes.com
x-server
ip-10-136-183-14.ap-south-1.compute.internal
access-control-allow-credentials
true
meta-geo
CA--QC--MONTREAL
access-control-allow-headers
*
content-length
33265
101606314351968
api.hindustantimes.com/api/collections/ 		159 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hindustantimes.com/api/collections/101606314351968
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9908 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
eea5f35fb8fc5fad9dae7efeec2fc44470dfdf38cd6e84e04b9befd8cf7fff17

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
*
access-control-allow-origin
https://www.hindustantimes.com
x-server
ip-10-136-167-10.ap-south-1.compute.internal
access-control-allow-credentials
true
meta-geo
CA--QC--MONTREAL
access-control-allow-headers
*
content-length
29102
101615281411240
api.hindustantimes.com/api/collections/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hindustantimes.com/api/collections/101615281411240
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9908 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a1bfdc092ed5f961feede8ca999d499082dc30c7645393492666e5a2e92b3a6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
*
access-control-allow-origin
https://www.hindustantimes.com
x-server
ip-10-136-183-14.ap-south-1.compute.internal
access-control-allow-credentials
true
meta-geo
CA--QC--MONTREAL
access-control-allow-headers
*
content-length
1553
latest
api.hindustantimes.com/api/app/homenew/sectionfeed/v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hindustantimes.com/api/app/homenew/sectionfeed/v2/latest?size=5
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9908 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9f00f67e2e1e3698fe03f5ff8d9e947190a58faa034981ebee9e36d9536b0041

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
*
access-control-allow-origin
https://www.hindustantimes.com
x-server
ip-10-136-183-14.ap-south-1.compute.internal
access-control-allow-credentials
true
meta-geo
CA--QC--MONTREAL
access-control-allow-headers
*
content-length
2339
trending-stories-section
personalize.hindustantimes.com/ 		188 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://personalize.hindustantimes.com/trending-stories-section?propertyId=ht&platformId=web&sectionName=photos&subSectionName=photos@entertainment&numStories=50
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9929 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
gunicorn /
Resource Hash
10a1d2dde2beceb5c006df219c11c37b9429a5c11715659765adc56daf661caa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
gunicorn
vary
Accept-Encoding
access-control-allow-methods
https://www.hindustantimes.com
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-allow-credentials
true
access-control-allow-headers
GET, OPTIONS
content-length
23320
trending-stories-section
personalize.hindustantimes.com/ 		84 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://personalize.hindustantimes.com/trending-stories-section?propertyId=ht&platformId=web&sectionName=videos&subSectionName=videos@entertainment&numStories=50
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9929 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
gunicorn /
Resource Hash
d5759b6ef79a6f02f4ab33658567e9699834f54c9dd3950d06f38aeb106d201a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
gunicorn
vary
Accept-Encoding
access-control-allow-methods
https://www.hindustantimes.com
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-allow-credentials
true
access-control-allow-headers
GET, OPTIONS
content-length
9725
collections
api.hindustantimes.com/api/ 		244 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hindustantimes.com/api/collections?ids=101654153994159,101606719759208
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9908 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6eb95fc228dda066a888f80feca6531805abe7f9c62fda0e93ec3ed9e2f875cb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
*
access-control-allow-origin
https://www.hindustantimes.com
x-server
ip-10-136-167-14.ap-south-1.compute.internal
access-control-allow-credentials
true
meta-geo
CA--QC--MONTREAL
access-control-allow-headers
*
content-length
40932
popular-story
personalize.hindustantimes.com/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://personalize.hindustantimes.com/popular-story?propertyId=ht&articleType=story&platformId=web&numStories=5
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:b000::684d:9929 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
gunicorn /
Resource Hash
b421dbd1b36da7cdde10c7cb073e0844d54184e4e7b9e88d49e23c155117ca57

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
gunicorn
vary
Accept-Encoding
access-control-allow-methods
https://www.hindustantimes.com
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-allow-credentials
true
access-control-allow-headers
GET, OPTIONS
content-length
3235
roadblock_ad_read.json
www.hindustantimes.com/static-content/5m/roadblock/prod/ 		153 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/5m/roadblock/prod/roadblock_ad_read.json
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29af0e9a018beaebdf4d617c41512d22da6db0d2bd8d46c76dde3364464bfe0b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
x-amz-request-id
9PADM6X4M38V0QEZ
x-amz-server-side-encryption
AES256
cachettl
content-length
134
x-amz-id-2
cBXZy767bKpuQvYCalfq8wOfCwNLE0h+COi9IdYSF790yrDMszb6m4yVRAZpXIid5zdTXdpEHC4=
last-modified
Sat, 29 Apr 2023 04:16:13 GMT
server
AmazonS3
etag
"d0026d4bb906517851d28d6aa12768c7"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/JSON
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
mann_ki_baat_1682815040803_1682815062082.jpg
www.hindustantimes.com/ht-img/img/2023/04/30/550x309/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/30/550x309/mann_ki_baat_1682815040803_1682815062082.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9f6477c9923cb4067fd5e7f8a6c930613530d594809f9146e3a17ec73411830b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 00:41:27 GMT
server
Akamai Image Manager
x-serial
1914
x-check-cacheable
YES
etag
"568c295495e6305081e70b9f2044fff7"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
11247
expires
Sat, 29 Jul 2023 00:42:20 GMT
Britain-Police-2_1682817690440_1682817721084.jpg
www.hindustantimes.com/ht-img/img/2023/04/30/257x145/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/30/257x145/Britain-Police-2_1682817690440_1682817721084.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5329dfc56daab20865fcf4845efe48fbc740bf32672203e878cd029d1f36a9d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 01:30:57 GMT
server
Akamai Image Manager
etag
"d4541956ff4b6947006edb64a9dacbf3"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
7080
expires
Sat, 29 Jul 2023 01:30:55 GMT
gavaskar_rohit_1682788709475_1682788721127.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/257x145/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/257x145/gavaskar_rohit_1682788709475_1682788721127.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cd3fc63b04cc43fbed4f2cc71919b520cffbb13931a62a4facf2140d0548f053
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 01:53:44 GMT
server
Akamai Image Manager
x-serial
933
x-check-cacheable
YES
etag
"b7aba87924f102ed04f84cdab4d1e306"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
6561
expires
Sat, 29 Jul 2023 01:55:02 GMT
WhatsApp_Image_2023-04-29_at_9.05.55_AM_1682819707527_1682819726772.jpeg
www.hindustantimes.com/ht-img/img/2023/04/30/257x145/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/30/257x145/WhatsApp_Image_2023-04-29_at_9.05.55_AM_1682819707527_1682819726772.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
08ee200fda2e4c128ee24308c4160a9341ed18d11c50c46d2d59504acf5830c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 02:02:35 GMT
server
Akamai Image Manager
etag
"de79456fa67abd42c9febd3ec264ea30"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
9063
expires
Sat, 29 Jul 2023 02:01:16 GMT
sugar_craving_1682781203673_1682781241814.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/sugar_craving_1682781203673_1682781241814.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b142a0f06fadb25b610bd3dcca9aba7e0c44eda8e68aec4d6eead63ee4f0c92c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 15:19:39 GMT
server
Akamai Image Manager
x-serial
678
x-check-cacheable
YES
etag
"f6b420293bbaef3aee400495008c2aaf"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
8749
expires
Fri, 28 Jul 2023 15:17:38 GMT
s_1682776620103_1682776662580.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/s_1682776620103_1682776662580.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9881d7f2e7cac1b7ba54b7ca29ac377371d12ad803c57fe4933c205e228cfdd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 14:01:11 GMT
server
Akamai Image Manager
etag
"d7ce1219b79a2d654da698623ba4ea40"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
16535
expires
Fri, 28 Jul 2023 14:00:34 GMT
India-IPL-Cricket-132_1682790760354_1682790868976.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/India-IPL-Cricket-132_1682790760354_1682790868976.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
419374628629e0ae0677b0316d4d7d0999f00720ad5aea50aa347734f1cb6c23
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 18:01:48 GMT
server
Akamai Image Manager
x-serial
1323
x-check-cacheable
YES
etag
"ca908a3e32387abcc0035d4caa257db9"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
12768
expires
Fri, 28 Jul 2023 17:59:35 GMT
FujUQ11WYAE7AON_1682751871129_1682752649451.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/FujUQ11WYAE7AON_1682751871129_1682752649451.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
98f96655fed38a388418298d64b1ac2b9661ad5b184b8ccd5d914611247bd739
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 07:28:17 GMT
server
Akamai Image Manager
etag
"401af7a9f8f727aa76b2118636c88a19"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
34102
expires
Fri, 28 Jul 2023 07:29:26 GMT
CRICKET-IND-IPL-T20-KOLKATA-GUJARAT-56_1682781023819_1682781227546.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/CRICKET-IND-IPL-T20-KOLKATA-GUJARAT-56_1682781023819_1682781227546.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
728c291533a94b0c1c7491d56c97369654391f73e9c5043517fac33586931bb2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 15:17:34 GMT
server
Akamai Image Manager
x-serial
738
x-check-cacheable
YES
etag
"9583497e3630d18a1d8e60489acf6a58"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
12692
expires
Fri, 28 Jul 2023 15:18:38 GMT
camera-icon.svg
www.hindustantimes.com/res/images/ 		2 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/res/images/camera-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
30511e836ccb99953ebc45fd4f40352fde77aff9d923a08dd09df62934e204e2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 06:10:32 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-server
ip-10-136-167-14.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
651
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24d3:5400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:33:56 GMT
content-encoding
gzip
via
1.1 5647511d062c45afbc12f07f0387a9b8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
ORD58-P4
age
74583
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
R5MY0bWjF6weJIajZpoY4cw4_oxNiuMwJVUMiatTZlIhyLfhdmojew==
expires
Sun, 30 Apr 2023 06:33:56 GMT
ge
dap.hindustantimes.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/ge
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hindustantimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.hindustantimes.com
content-length
0
date
Sun, 30 Apr 2023 03:16:59 GMT
server
akka-http/10.0.9
gtm.js
www.googletagmanager.com/ 		247 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFD6PTW
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7550e90e23baa796361ce6025cc326c61e34b2d764e593baae595196fced3ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75780
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 03:16:59 GMT
gtm.js
www.googletagmanager.com/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXGJR36
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b1cd13276ce3ee8e0eb26dc73ba78dbf7d6cf835702a1d4c7e9932b1bc74cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39447
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 03:16:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea3efd2376af8917207dccc8968ac2588edff25499facc753f75c18b4721f11d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24760
x-xss-protection
0
server
cafe
etag
208 / 19477 / 31074163 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 03:16:59 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156370/2494/ 		764 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156370/2494/pwt.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84a474bc1a6511d0932a2fb4a3aceb65668960056936ee2042dc93c912359511

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2023 06:46:19 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=142321
accept-ranges
bytes
content-length
151679
expires
Mon, 01 May 2023 18:49:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.197.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-197-128.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:39:55 GMT
content-encoding
gzip
via
1.1 ea4a33625617615e13496b292edda6d6.cloudfront.net (CloudFront), 1.1 337d1825797be2e0eb9264f0a8d32caa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1, ORD56-P5
age
2225
etag
W/"644915d59292b7496ff86a0d2c460fce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
LqZSyrPM4EgGGWmffm-Y8PVaQjW-lZ5VdvPhxOFNBZFUNyk8YCJcgQ==
ge
dap.hindustantimes.com/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dap.hindustantimes.com/ge
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.218.223 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-218-223.ap-south-1.compute.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
server
akka-http/10.0.9
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache
access-control-allow-credentials
true
content-length
2
lt.min.js
tags.crwdcntrl.net/lt/c/16343/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16343/lt.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48c81acc50e12e9efa75c9ac1a035f07acb632d4714778a0a133e599fa565e32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:30:36 GMT
content-encoding
gzip
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:08:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9984
x-amz-server-side-encryption
AES256
etag
W/"3d3861e505f13343b0d5cc85c194b24a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
GGYJVgSzOkoESF2Ae2CcUlz-vBmkkYe35nYP-oxBjSsVEbL7hXwcUQ==
data
bcp.crwdcntrl.net/6/ 		569 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.153.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-153-83.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4bd93f824f6de302f6661ad4b7fe1d06eace3d4c7fe56310ccafc4737e5af45d

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache
x-server
10.40.46.140
access-control-allow-credentials
true
content-length
569
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 21:37:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
20366
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Apr 2024 21:37:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hindustantimes.com
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
394a22b72ba9be02e69ea3444530fc850f941a2e8cd065c5658c5cf00bdbe732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
703
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:16:59 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 30 Apr 2023 03:50:25 GMT
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 01:22:23 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6876
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 03:22:23 GMT
optimize.js
www.google-analytics.com/gtm/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-5QPSCV4
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c5b6207bc74415210d5b2669c3692642664a69bd8656cce38b8dd14b8909861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47203
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 03:16:59 GMT
/
www.googleadservices.com/pagead/conversion/933842872/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/933842872/?random=1682824619629&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&bttype=purchase&auid=1411037945.1682824620&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
d9b2126118f749e45fe78fb2e50a1448a4dc73017525fa632de48b1bf5b0486c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1712
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CGQQPTKRWT&l=dataLayer&cx=c
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4adee86ae3a42fe66a3069228c6b43a9acefe561a32b2fb779fce17e0396e72a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 03:16:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/933842872/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933842872/?random=1682824619650&cv=11&fst=1682824619650&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&auid=1411037945.1682824620&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2484273b0d620f8b8303473e04ef1692f14ac4ded163aa37384ae7cd8099a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ht-notification-script.js
www.hindustantimes.com/res/js/ 		357 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/res/js/ht-notification-script.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e855754d14ce96ee481590a8b6a929795a921418f96277786dc9d00f3efcd7e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Fri, 24 Mar 2023 12:27:46 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-server
ip-10-136-167-137.ap-south-1.compute.internal
accept-ranges
bytes
cachettl
content-length
109647
hqdefault_1682796261785_1682796419413.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/hqdefault_1682796261785_1682796419413.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7fa915133ee0a462fa8ccfe1264e5c192df09b45c63eb70590151829413c02bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 19:27:09 GMT
server
Akamai Image Manager
etag
"da946e0930c0eb2aad95d98096f997df"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
15131
expires
Fri, 28 Jul 2023 19:28:07 GMT
iuyt_1682774583544_1682774594006.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/iuyt_1682774583544_1682774594006.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d37aa4e651b9620afe4c46600b304469eebaef6b930866d335c1be4f958e1272
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 13:24:59 GMT
server
Akamai Image Manager
x-serial
575
x-check-cacheable
YES
etag
"eb37fff828171708baa45ae407d20663"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
22319
expires
Fri, 28 Jul 2023 13:25:12 GMT
hqdefault_1682796139967_1682796161858.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/hqdefault_1682796139967_1682796161858.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dc81cae8ae74c5a7a8cdd4bfcfb3b03edd66c8289dd4f02627e47896c464a5b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 19:24:09 GMT
server
Akamai Image Manager
etag
"4fb8335e5593aa04dd0e72931815e521"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=7776000
cachettl
content-length
35523
expires
Fri, 28 Jul 2023 19:24:46 GMT
hqdefault_1682795670836_1682795726287.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/hqdefault_1682795670836_1682795726287.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fee787f14c4a7c3099d44e5b8bbd54fbc6421899fcebda9a0b3c2a86c1b81f2d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 19:18:52 GMT
server
Akamai Image Manager
x-serial
2003
x-check-cacheable
YES
etag
"e9e7e5d00a0ed32b00b8baacd0d504cd"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
24066
expires
Fri, 28 Jul 2023 19:19:21 GMT
hqdefault_1682795957039_1682796101534.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/hqdefault_1682795957039_1682796101534.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c7ab253f9ec980a1cd69b206bd7063f3cf9b7082876e69aedc3b5154901272f1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 19:22:06 GMT
server
Akamai Image Manager
x-serial
34
x-check-cacheable
YES
etag
"909dd4236f29d19c085ebed778b809d4"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
17109
expires
Fri, 28 Jul 2023 19:20:20 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		335 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.hindustantimes.com&pubid=04490307-82e6-4a26-8a03-ce88452d8ffd
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.197.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-197-128.ord56.r.cloudfront.net
Software
Server /
Resource Hash
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
via
1.1 337d1825797be2e0eb9264f0a8d32caa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P5
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
335
x-amz-cf-id
W9SpYXpyoH6d8VOwpJbaiTbiKPPQ04ZeFkLiaxSY_rhR_cJbKxUnvA==
bid
aax.amazon-adsystem.com/e/dtb/ 		244 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&pid=9WAE84Ehivm5T&cb=0&ws=1600x1200&v=23.426.459&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1522659065797-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221290x250%22%2C%22980x90%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1341380965417-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%7D%5D&pubid=04490307-82e6-4a26-8a03-ce88452d8ffd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
248b9727249cdd990dab977d314e98bea62b37a56556fc421d338b0b7abb43d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
GMPV77Y11SKR60YRQ2B0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
244
x-amz-cf-id
AuXGhgJ36UXai5xCHUbuEAjrBhE3SXCPlYiUNV1a9EkV3h6yFTAeWA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.197.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-197-128.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 337d1825797be2e0eb9264f0a8d32caa.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 00:15:43 GMT
x-amz-cf-pop
ORD56-P5
age
12605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ml_82XT2M5msPDLmvk05T_K_Y70Eb9Bm-jJvGplv6iAnzVO73RrTmQ==
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame F0BA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=16343
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
10008
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 00:30:12 GMT
etag
W/"ab50484458d62eef36ef1969b84da1b5"
last-modified
Tue, 25 Apr 2023 19:53:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
x-amz-cf-id
5QjonxWGX9Vg94XVdUQPHSsfTMUBjpArqUVR0dRfpkYD1L8IfwkJDQ==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
webengage-min-v-6.0.js
ssl.widgets.webengage.com/js/ 		212 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794c865bc31cf6af26394f08941757145287ee2d6ddb367273f997b9577ed392

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
via
1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
HIT
x-amz-cf-pop
EWR53-C2
age
6341
x-cache
Hit from cloudfront
last-modified
Wed, 19 Apr 2023 10:12:06 GMT
server
cloudflare
etag
W/"643fbe76-34e5d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7bfca1113ab24bb8-YUL
x-amz-cf-id
9pnYTfGYv-mjkraiZeBmn67EOEOnPD3A36XgtSEQdHm0KvZfNNcc8w==
expires
Sun, 30 Apr 2023 04:47:19 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=hindustantimes.com&p=%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&u=B6IIbaB0TDCfbWxFL&d=hindustantimes.com&g=63228&g0=business&g1=Reuters%7C%20Posted%20by%20Mallika%20Soni&n=1&f=00001&c=0&x=0&m=0&y=7537&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&b=2405&t=CRFYyHfRjzymSEVOyPcvjCVjW0P&V=139&i=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&tz=0&_acct=anon&sn=1&sv=XJLrCEP7eDB6i66wDK-gDnDNtgnm&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.234.231 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-234-231.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ht
www.hindustantimes.com/cdp/api/adserve/ 		22 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/cdp/api/adserve/ht?user=3e33f1de-d7d5-4cb2-ba8b-5a6e78d77f92
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
akka-http/10.0.9 /
Resource Hash
fade60bd3c249e26539f71251d9f5552cc874fe839d52a1b3ec1b4f3d5e6635f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
server
akka-http/10.0.9
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.hindustantimes.com
cache-control
max-age=43200
access-control-allow-credentials
true
cachettl
content-length
42
expires
Sun, 30 Apr 2023 15:16:59 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=974567561&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Widget%20Events&ea=Promotion%20Impression&el=trending_photos_listing_rhs&_u=aGDAAEALQAQCACAMI~&jid=421412641&gjid=852863632&cid=1069195539.1682824617&tid=UA-1431719-1&_gid=1097292624.1682824617&_r=1&gtm=45He34q0n81TFD6PTW&cd60=listing_rhs&cd61=1&cd62=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&promo1id=101682781138099&promo1nm=trending_photos_listing_rhs&promo1cr=https%3A%2F%2Fwww.hindustantimes.com%2Fphotos%2Flifestyle%2F5-foods-that-reduce-sugar-cravings-101682781138099.html&promo1ps=1&promo2id=101682776594763&promo2nm=trending_photos_listing_rhs&promo2cr=https%3A%2F%2Fwww.hindustantimes.com%2Fphotos%2Flifestyle%2Fhina-khan-s-shimmery-ensemble-for-filmfare-has-our-heart-101682776594763.html&promo2ps=2&promo3id=101682789133975&promo3nm=trending_photos_listing_rhs&promo3cr=https%3A%2F%2Fwww.hindustantimes.com%2Fphotos%2Fsports%2Fdelhi-capitals-vs-sunrisers-hyderabad-ipl-2023-action-in-images-101682789133975.html&promo3ps=3&promo4id=101682746096163&promo4nm=trending_photos_listing_rhs&promo4cr=https%3A%2F%2Fwww.hindustantimes.com%2Fphotos%2Fwrestlers-protest-stars-extend-support-wfi-chief-brij-bhushan-jantar-mantar-delhi-101682746096163.html&promo4ps=4&promo5id=101682780916311&promo5nm=trending_photos_listing_rhs&promo5cr=https%3A%2F%2Fwww.hindustantimes.com%2Fphotos%2Fsports%2Fkolkata-knight-riders-vs-gujarat-titans-ipl-2023-action-in-images-101682780916311.html&promo5ps=5&z=134044804
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-150-91.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hindustantimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 30 Apr 2023 03:16:59 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.131.233 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 30 Apr 2023 03:31:59 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-150-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:16:59 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
ow.pubmatic.com/cookie_sync/ 		318 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
df76a18c81c9c3af8d3130e72d5df8ad2a3fcda74526c57bda644469ffd33f7e

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hindustantimes.com
date
Sun, 30 Apr 2023 03:16:59 GMT
access-control-allow-credentials
true
content-length
318
content-type
application/json; charset=utf-8
auction
ow.pubmatic.com/pbs/openrtb2/ 		258 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1630406a4b2517140fec480b8bb754fcf742ba4e7eb5776424425ad557f92da7

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hindustantimes.com
date
Sun, 30 Apr 2023 03:17:00 GMT
access-control-allow-credentials
true
content-length
258
content-type
application/json
hb
cpm.adsolut.in/ 		224 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.adsolut.in/hb?zone=153116&v=1.6
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
b4d464da7a21c15c13b120cc82672a376b9ddd9767ab5f2386df7c468993f83c

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:16:59 GMT
Server
nginx
Age
0
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hindustantimes.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
224
hbjson
grid.bidswitch.net/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ebbfc0d3fe042cfc56591c426168747ac113c735d647bd467df45feeb2807286

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
ib.adnxs.com/ut/v3/ 		19 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:16:59 GMT
AN-X-Request-Uuid
22be6db8-4454-4f47-bd96-870f6044d468
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hindustantimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		969 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5b2678eaf0d1cf672de2438d57e0c88078651941531230385d3e9688404f96ba

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hindustantimes.com
date
Sun, 30 Apr 2023 03:16:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.160 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.hindustantimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 30 Apr 2023 03:17:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CGQQPTKRWT&gtm=45je34q0&_p=974567561&cid=1069195539.1682824617&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682824619&sct=1&seg=0&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGQQPTKRWT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:16:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=974567561&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Widget%20Events&ea=Promotion%20Impression&el=trending_videos_rhs_listing_-_rhs&_u=aHDAAEALQAQCACAMI~&jid=&gjid=&cid=1069195539.1682824617&tid=UA-1431719-1&_gid=1097292624.1682824617&gtm=45He34q0n81TFD6PTW&cd60=listing_-_rhs&cd61=1&cd62=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&promo1id=101682796265865&promo1nm=trending_videos_rhs&promo1cr=https%3A%2F%2Fwww.hindustantimes.com%2Fvideos%2Fworld-news%2Fputin-to-shake-west-with-a-nuclear-explosion-us-worried-over-russias-planned-nuke-test-details-101682796265865.html&promo1ps=1&promo2id=101682774551789&promo2nm=trending_videos_rhs&promo2cr=https%3A%2F%2Fwww.hindustantimes.com%2Fvideos%2Fnews%2Ffirst-time-on-camera-how-pm-modi-records-his-monthly-radio-show-mann-ki-baat-watch-101682774551789.html&promo2ps=2&promo3id=101682796143594&promo3nm=trending_videos_rhs&promo3cr=https%3A%2F%2Fwww.hindustantimes.com%2Fvideos%2Fnews%2Fwill-never-hesitate-pak-army-chiefs-message-to-india-rakes-up-kashmir-to-target-modi-govt-101682796143594.html&promo3ps=3&promo4id=101682795675141&promo4nm=trending_videos_rhs&promo4cr=https%3A%2F%2Fwww.hindustantimes.com%2Fvideos%2Fnews%2Fready-to-fight-pak-army-on-india-after-bajwas-embarrassing-kashmir-admission-details-101682795675141.html&promo4ps=4&promo5id=101682795961740&promo5nm=trending_videos_rhs&promo5cr=https%3A%2F%2Fwww.hindustantimes.com%2Fvideos%2Fnews%2Fsevere-punishment-pm-modi-rips-cong-after-kharges-venomous-snake-barb-watch-101682795961740.html&promo5ps=5&z=716013036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 12:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54635
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
storage-frame-1.18.htm
8261785d.webengage.co/ Frame 1710 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8261785d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=8261785d
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2340:4800:8:cf94:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
1353
cache-control
max-age=14400
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:54:27 GMT
etag
W/"60b76f62-d60"
expires
Sun, 30 Apr 2023 06:54:27 GMT
last-modified
Wed, 02 Jun 2021 11:45:38 GMT
server
nginx
vary
Accept-Encoding
via
1.1 f730784cbe894bb457fd22763926fb8a.cloudfront.net (CloudFront)
x-amz-cf-id
0ELByXIp69wAe7CgMq9ZxUWn-R6NRFwIaLoBxfzAYXRJ6N-vuvnzGQ==
x-amz-cf-pop
ORD56-P5
x-cache
Hit from cloudfront
/
www.google.ca/pagead/1p-conversion/933842872/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hi...
  • https://www.google.com/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbu...
  • https://www.google.ca/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbus...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&auid=1411037945.1682824620&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhNcWpLcHJWcnBCY1BvZmxXYzRCYkFMWXhpWXRGNnBXSEdUNzA2UUtQQnplTUEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc4a0FwU0FQWFdCZjA3REJLYndmNXFSRURTLWZDMkxjZ1lJMkVBMjBPZnh4UENESDVRQlhLOVh6Zw&is_vtc=1&ocp_id=q91NZIL7K4WXNezYgOgL&cid=CAQSKQBygQiD0bXaTX23BMnoPgJs7PhTNDOSJvnYAMYN0Ugq01LzlnfIx4Gl&eitems=ChAI8ICzogYQ_47m4sv_47ttEh0AI5nQcv6nG7tqOwrGMChJyuxnbup5dPdlUe1Zjw&random=1618632219&ipr=y&prhg=0
Protocol
H3
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/933842872/?random=50393387&cv=11&fst=1682824619629&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&label=ulfrCN3cvoIYELifpb0D&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&value=0&auid=1411037945.1682824620&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOElDem9nWVFqNU9UbDZYcmhiSkxFaVlBbnpUQjhNcWpLcHJWcnBCY1BvZmxXYzRCYkFMWXhpWXRGNnBXSEdUNzA2UUtQQnplTUEaWkNoRUk4SUN6b2dZUTI4S2Z2Y0RJM09mZ0FSSXVBUFlKdDc4a0FwU0FQWFdCZjA3REJLYndmNXFSRURTLWZDMkxjZ1lJMkVBMjBPZnh4UENESDVRQlhLOVh6Zw&is_vtc=1&ocp_id=q91NZIL7K4WXNezYgOgL&cid=CAQSKQBygQiD0bXaTX23BMnoPgJs7PhTNDOSJvnYAMYN0Ugq01LzlnfIx4Gl&eitems=ChAI8ICzogYQ_47m4sv_47ttEh0AI5nQcv6nG7tqOwrGMChJyuxnbup5dPdlUe1Zjw&random=1618632219&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b98d558a57cb02d6856c29437f5b6d0871ad667ea0616688e23e5422feba3012

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1940
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=421412641&gjid=852863632&_gid=1097292624.1682824617&_u=aGDAAEALQAQCACAMI~&z=233549388
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/933842872/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/933842872/?random=1682824619650&cv=11&fst=1682823600000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&fmt=3&is_vtc=1&random=2298507668&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/933842872/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/933842872/?random=1682824619650&cv=11&fst=1682823600000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&frm=0&tiba=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&fmt=3&is_vtc=1&random=2298507668&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=974567561&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20from%20SolarWinds%20in%20its%20systems%20-%20Hindustan%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=hjoTBwWfS12cMwCpaq8fTA&_u=aHDAAEALQAQCACAMI~&jid=&gjid=&cid=1069195539.1682824617&tid=UA-1431719-1&_gid=1097292624.1682824617&cd2=&cd3=business&cd4=&cd5=12182020-11%3A39%3A06&cd6=Microsoft&cd47=false&cd48=101608335843730&cd9=&cd13=747&cd49=story&z=2018619464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 12:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame FCF9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3...
414 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6f4819d7f07916e445b9f7020cffcc64e8741dd91d9c7bca81d5e3480c21cf93
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
414
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FZR443NCBWF7FWSQ9816

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D8WY86PERN9M442EWEMD
cube-config.json
www.hindustantimes.com/static-content/5m/ 		180 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hindustantimes.com/static-content/5m/cube-config.json
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
586537ce383860a285130ba803f41c97cb99c4d074edfa405d1695d36a144a70
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-amz-request-id
VF6NZPER18T168RE
x-amz-server-side-encryption
AES256
cachettl
content-length
101
x-amz-id-2
uEfelM+2JUW+OUnZfNBLjqpEUEBvPCdzP15STBhS27C9hqoIYhSAYcBzT0+UD52PJ7INBmVCc3Y=
last-modified
Mon, 10 Apr 2023 13:36:50 GMT
server
AmazonS3
etag
"a76a68e0b07738ecf90756a565837988"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-frame-options
SAMEORIGIN
accept-ranges
bytes
pixels
bcp.crwdcntrl.net/ Frame 7E2D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=16343
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.153.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-153-83.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1a9e8e47d1239441bc459e40af1b18fffcbeb290dba8f65ac2dbe7ac707ef791

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
1238
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.39.202
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=421412641&_u=aGDAAEALQAQCACAMI~&z=1955769750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1431719-1&cid=1069195539.1682824617&jid=421412641&_u=aGDAAEALQAQCACAMI~&z=1955769750
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E2D 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDE3OTlmMzNiZmQwM2JhNTg4YmJhMjgyNDM0OWM2NWQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/ Frame 7E2D 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=d1799f33bfd03ba588bba2824349c65d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Sun, 30 Apr 2023 23:17:00 GMT
382416.gif
idsync.rlcdn.com/ Frame 7E2D 		42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=d1799f33bfd03ba588bba2824349c65d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
lotame
sync.sharethis.com/ Frame 7E2D 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=d1799f33bfd03ba588bba2824349c65d&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.241.228 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-241-228.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHAAAmRN3awAAAAINWYHAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
5907
tags.bluekai.com/site/ Frame 7E2D 		62 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=853f608fe42b74b90437ebb04c3d0b98
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.208 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 30 Apr 2023 03:17:00 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 7E2D 		103 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C61%2C14%2C81%2C12%2C8&c=16343&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.225.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-225-104.ord58.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 5ef611491466ae93dde0cdf47e15f8fa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
ORD58-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
5Kszxt37BBkN5Tqi5l0ogD8jXJ2k07eqBLfT4az61FBQIz95XESJJQ==
expires
0
search
affliate-api.hindustantimes.com/api/amazon/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://affliate-api.hindustantimes.com/api/amazon/search
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7490 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hindustantimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
access-control-allow-origin
https://www.hindustantimes.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
search
affliate-api.hindustantimes.com/api/amazon/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://affliate-api.hindustantimes.com/api/amazon/search
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7490 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
59c5bbcfe7a411323e995380c613db2dff27ab1b25b77cf14b3664e29641fe82

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD, PUT
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
3663
Insta_Video_Viral_Maan_Meri_Jaan_Groom_Bride_1682759275475_1682759294300.png
www.hindustantimes.com/ht-img/img/2023/04/29/550x309/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/550x309/Insta_Video_Viral_Maan_Meri_Jaan_Groom_Bride_1682759275475_1682759294300.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7c728db47439688fcf6f8d7ac985215aa0013ed3115f9f53d32dbc684c534a5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 10:10:19 GMT
server
Akamai Image Manager
etag
"1e68cec68ab4ac7bf3857c1f6f81cf53"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
27553
expires
Fri, 28 Jul 2023 10:11:39 GMT
pooh_in_coronation_1682785965725_1682785975083.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/148x111/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/148x111/pooh_in_coronation_1682785965725_1682785975083.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d0b53bf1d1f58806dd045fae390688c057084f7d1100e9af9ec92a7a39b0c860
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 16:37:43 GMT
server
Akamai Image Manager
x-serial
121
x-check-cacheable
YES
etag
"ce90ada66d296222dc6a83292a290e48"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
2647
expires
Fri, 28 Jul 2023 16:36:55 GMT
Insta_Video_Viral_Human_Tie_Cat_1682770103307_1682770120221.png
www.hindustantimes.com/ht-img/img/2023/04/29/148x111/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/148x111/Insta_Video_Viral_Human_Tie_Cat_1682770103307_1682770120221.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
bc48762f055c7353dfa3c862b6bbd706db812ee30015241cf2be15bae7117dc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 15:34:44 GMT
server
Akamai Image Manager
etag
"77106d6c5d5b47a60c29b1f9948af666"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
4534
expires
Fri, 28 Jul 2023 15:35:11 GMT
cat-join-dog-sibling-bff-playdate-viral-video_1682776530874_1682776547323.jpg
www.hindustantimes.com/ht-img/img/2023/04/29/148x111/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hindustantimes.com/ht-img/img/2023/04/29/148x111/cat-join-dog-sibling-bff-playdate-viral-video_1682776530874_1682776547323.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a5d14815529b18a35e8b4569ae04fdc2ce99ad0237ff85a2591a5c847b910576
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 14:30:53 GMT
server
Akamai Image Manager
x-serial
1567
x-check-cacheable
YES
etag
"b74d8e822cc30412dc9af6aa88e290c6"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/avif
cache-control
max-age=7776000
cachettl
content-length
4034
expires
Fri, 28 Jul 2023 14:31:50 GMT
v4.js
wsdk-files.webengage.com/webengage/8261785d/ Frame 1710 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsdk-files.webengage.com/webengage/8261785d/v4.js
Requested by
Host: 8261785d.webengage.co
URL: https://8261785d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=8261785d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa36fd543238ce279b8503fd29cc148b08704bb0426b21377d12bdf9096d7dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8261785d.webengage.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
via
1.1 43af2ec1becf07da0a09b43135838da4.cloudfront.net (CloudFront)
x-amz-version-id
1p.kfP_3lRzMEgJedTabGT_SmPGs_0uU
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P5
age
12
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1493
last-modified
Sun, 16 Apr 2023 18:46:02 GMT
server
cloudflare
etag
"6ffea192d3d58fe4816028458acbb85a"
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=60, must-revalidate
accept-ranges
bytes
cf-ray
7bfca114d89a4bb8-YUL
x-amz-cf-id
5Y5kbrUea_mT-ZWd2Tt8gjxFNqfW3Dkc-sK4nWukSwU4-Vh8oIxWFA==
rum
dsum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2D38 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
92HVFY2739M3GQH3RPS1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5228208061499362106
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5228208061499362106
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ac5a6306-1cdb-4335-bc27-614d56ba428b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5228208061499362106
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259297245386
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259297245386
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
521
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662259297245386
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfca115fd84ca67-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D38
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=78ccb038-e705-11ed-82fe-30dce8bdf4b3
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=78ccb038-e705-11ed-82fe-30dce8bdf4b3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=78ccb038-e705-11ed-82fe-30dce8bdf4b3
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
sjc-delivery-10
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame 2D38 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:e9ef:fe6f:6ce4:eb8b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
setuid
ow.pubmatic.com/ Frame 2D38 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ZE3drD4L2EtJ03xMOguA5AAA%263851
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&s=184674&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-length
0
content-type
text/html
upf.js
c.webengage.com/ 		717 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/upf.js?lp=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&rf=&geo=y&jsonp=_we_jsonp_global_cb_1682824620323
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.184.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-184-9.compute-1.amazonaws.com
Software
/
Resource Hash
0a4e9315b659343f930462afe4557db4e90e405e8d8f2e968fecba663ec5fc7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
717
x-xss-protection
1; mode=block
pragma
no-cache
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With,content-type
expires
0
pr
s.amazon-adsystem.com/v3/ Frame BD82 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f7213d0860a642dd77a8ca3992d58e3a80bd5b09290d3a9e295c86039b49e8f0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4591
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5KJKAQ9N07TNTA87M24G
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4dc13655-7864-4f56-8e77-3f84a75178d6
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4dc13655-7864-4f56-8e77-3f84a75178d6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AYRT9177CX41W0YK1AH6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4dc13655-7864-4f56-8e77-3f84a75178d6
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258262201455395000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258262201455395000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H54AXY73V55B75YHF5TW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258262201455395000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 03:17:00 GMT
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAAz7E7Im7sAACF9d1f_9Q&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAAz7E7Im7sAACF9d1f_9Q&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4H3E78RQS305E7AJDMAR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAAz7E7Im7sAACF9d1f_9Q&ex=beeswax.com
Date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=e1e6a3c038967f34ccf1f8b429c14399
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=e1e6a3c038967f34ccf1f8b429c14399
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y9R5TA2STEVB6YHTNEP1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=adyoulike.com&id=e1e6a3c038967f34ccf1f8b429c14399
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=a25f37be
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=a25f37be
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G3BF92G9F0YB1HVPT0M7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 e2f214887681442e395c1fe51841fafc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD56-P3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=a25f37be
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mNiIPMxwphrEpFG5IKgZJOjKIegwIZd_rHAd0xwtu8E7woKis2_4rg==
/
onetag-sys.com/match/ Frame BD82 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=750B201F00374D3C9EC50C19E920AA21&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=750B201F00374D3C9EC50C19E920AA21&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H3V84J243VMAYX470AZP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=750B201F00374D3C9EC50C19E920AA21&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 03:17:00 GMT
ecm3
s.amazon-adsystem.com/ Frame BD82
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ESUImoe5nChfpHFV_GHT
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ESUImoe5nChfpHFV_GHT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YN65T4QZ3FVF5RANXJ7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ESUImoe5nChfpHFV_GHT
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame AD09 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.180.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-180-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b9ab9c624c1d265a60f1214a9f2d3cb1c0da33dce3c4b6c4c8993aeb3eed9a6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 03:17:00 GMT
etag
W/"0e143bde5bf3a44f321befb8ebfde37cd"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame B08D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
cef686fe53d876af13c04d24b0302c1499e0d7ecf082da6d782e4c43f2e75fdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1736
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame F766
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9de821d5674a2229c3229c9251db47fb446d0d5f52132ead98c821eeec76279a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
400
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 6CCB
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5539071858692007168&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5539071858692007168&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
D8SHE3T2MVZAVHJA0B85

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5539071858692007168&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame C580
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7c131bdd1e231072&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAF17eoD831RQMjvLsaAAAAAAA&expiration=1682911020&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAF17eoD831RQMjvLsaAAAAAAA&expiration=1682911020&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z663B0FD3ZMVJS6RMA3R

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAF17eoD831RQMjvLsaAAAAAAA&expiration=1682911020&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB82 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=69459
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Sun, 30 Apr 2023 22:34:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 7E4E 		973 B
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.16.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-16-77.compute-1.amazonaws.com
Software
/
Resource Hash
2cd5a5730df4c8953d1a95d126f5422fdddfd086faf17a6de2a0edcc858c2569

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 30 Apr 2023 03:17:00 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame D2C1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:17:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame A288
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
c6ec2b9180008ff0d7b53badff33b9dd4e85c63a463d245dde7cdaf2e2126e0d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 0A89
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5228208061499362106&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5228208061499362106&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZVEGX0PEY8JFS4RKTQM4

Redirect headers

AN-X-Request-Uuid
55089503-efff-479f-9f5b-f33c11c79e4d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=5228208061499362106&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ce.lijit.com/beacon/ Frame 34DB
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
ed3022cca8c3b43236c46922828f16e2cf7723e3020f93269f5cf0d5fdd36db1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
486
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ord1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ord1
ecm3
s.amazon-adsystem.com/ Frame A8C2
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2282483648371981074416
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2282483648371981074416
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RJCSZDG5GNBGEG5J132X

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2282483648371981074416
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.hindustantimes.com
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hindustantimes.com
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		186 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3747330957368739&correlator=315226796094120&eid=31074163&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&iu_parts=1055314%2CHindustantimes_Desktop_Skyscrapper%2CHT_Desk_skyscrapper%2CHindustantimes_Desktop_Story%2CHT_Desk_Story_Outstream_1x1%2CHT_Desk_Story_A_300x250%2CHT_Desk_Story_Header_Multisize%2CHT_Desk_Story_Top_Multisize&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F5%2C%2F0%2F3%2F6%2C%2F0%2F3%2F7&prev_iu_szs=1x1%2C1x1%2C300x250%7C1x1%7C336x280%2C728x90%7C970x90%7C1290x250%7C980x90%7C970x90%7C980x250%7C980x200%7C970x250%2C300x250%7C336x280&ifi=1&adks=2451988587%2C3992411422%2C1368116813%2C537784006%2C1321205846&didk=4282968290~848801607~3879104247~3162744615~3628957867&sfv=1-0-40&ists=16&prev_scp=pwtsid_pubmatic%3D590b1d13ad4b954%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D60e52edfde05ed8%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D6145bfc88e37cc7%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D572b49f432785a4%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Camznbid%3D2%26amznp%3D2%26pwtsid_pubmatic%3D5807ad2e257c6a3%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=template%3Dstory%26section%3Dbusiness%26subsection%3D%26HT_StoryID%3DAcYtEwmLM9MGZBFXldoJyH%26ContextualKeyword%3D%26HT_Topic%3DMICROSOFT%252CUS%252CFBI%252CCongress%26cdpcampaign%3Dcmrk&ppid=e24860483f2324e2c8ec01573c10115f935405b435b17d04c2db91b51615114a&sc=1&cookie_enabled=1&abxe=1&dt=1682824620434&lmt=1682824620&dlt=1682824616595&idt=3128&adxs=0%2C0%2C480%2C436%2C1050&adys=7537%2C7537%2C1249%2C157%2C521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&frm=20&vis=1&psz=1600x7516%7C1600x7516%7C550x313%7C1600x273%7C300x280&msz=1600x0%7C1600x0%7C550x26%7C728x0%7C300x26&fws=0%2C0%2C0%2C0%2C516&ohw=0%2C0%2C0%2C0%2C300&ga_vid=1069195539.1682824617&ga_sid=1682824620&ga_hid=974567561&ga_fc=true&ga_cid=1097292624.1682824617
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20912dd5d907d06a56c46b9e5ae914f20f446d6729091eff24c26e957898c9c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGX553S0P4CFczxswod3DMIuQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/5933284304937267351/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGX553S0P4CFczxswod3DMIuQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/5933284304937267351/index.html
date
Sun, 30 Apr 2023 03:17:01 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56072
x-xss-protection
0
google-lineitem-id
-2,-2,5743495622,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138408937817,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		86 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3747330957368739&correlator=315226796094120&eid=31074163&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&iu_parts=3106570%2CHindustantimes_Desktop_Cube%2CHT_Desk_Web_Cube_Phase_1_129x82%2CHT_Desk_Web_Cube_Phase_2_129x82&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=129x82%2C129x82&ifi=6&adks=3824950240%2C1382020589&didk=709796662~709796649&sfv=1-0-40&prev_scp=pwtsid_pubmatic%3D6235be4bf5d4214%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D6369167336a7ca4%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&eri=1&cust_params=template%3Dstory%26section%3Dbusiness%26subsection%3D%26HT_StoryID%3DAcYtEwmLM9MGZBFXldoJyH%26ContextualKeyword%3D%26HT_Topic%3DMICROSOFT%252CUS%252CFBI%252CCongress%26cdpcampaign%3Dcmrk&ppid=e24860483f2324e2c8ec01573c10115f935405b435b17d04c2db91b51615114a&sc=1&cookie_enabled=1&abxe=1&dt=1682824620445&lmt=1682824620&dlt=1682824616595&idt=3128&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=640%2C640&ohw=0%2C0&ga_vid=1069195539.1682824617&ga_sid=1682824620&ga_hid=974567561&ga_fc=true&ga_cid=1097292624.1682824617
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
228b15bba7159029680589ed6d2aeca3f8881d96257f1db82131bb54d63e3373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18548
x-xss-protection
0
google-lineitem-id
6260719081,6260719081
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138427669266,138428872868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hindustantimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2355ea54c7baea603b3c1849a0f164f6cb53ec8e01b9c04ad231e519fafd6530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11225
x-xss-protection
0
container.html
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Mon, 29 Apr 2024 03:17:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416620&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B08D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VT0QQH3W3V53ERQEZVKX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698635820&external_user_id=a45763cc-4f79-4147-9298-8ac5eafda2e1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698635820&external_user_id=a45763cc-4f79-4147-9298-8ac5eafda2e1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698635820&external_user_id=a45763cc-4f79-4147-9298-8ac5eafda2e1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
CookieIndex
rtb.adentifi.com/ Frame B08D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.226.241.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-226-241-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bi9sRiiwWD1K7xIXMFDTrZU4mbk
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bi9sRiiwWD1K7xIXMFDTrZU4mbk
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=bi9sRiiwWD1K7xIXMFDTrZU4mbk
Date
Sun, 30 Apr 2023 03:17:00 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame B08D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZE3drAAGheToBABa
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa&_test=ZE3drAAGheToBABa
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa&_test=ZE3drAAGheToBABa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12831-YUL
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682824621.719662,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa&_test=ZE3drAAGheToBABa
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame B08D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6WHHGPWMS7G30EY53P5Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame B78F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
898
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7bfca1166e7d4004-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Sun, 30 Apr 2023 07:17:00 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1CC3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.184 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-184.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:17:00 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 May 2023 03:17:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame 9BE0 		501 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=153116&r=%2F%2Fcpm.adsolut.in%2Fuser-synced%3Fzone%3D153116%26uid%3D%7BUID%7D
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
d25541afc3cfd894b7197ece9a94b5a1b85f46bec0c97de3161d1249d8506a6b

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
501
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 03:17:00 GMT
Pragma
no-cache
Server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8633 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156370
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=69459
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Sun, 30 Apr 2023 22:34:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
genericusersync.ashx
sync.tidaltv.com/ 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4103:85f9:b152:a5d7:cc08 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
redir
rtb-csync.smartadserver.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAz7E7Im7sAACF9d1f_9Q&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAz7E7Im7sAACF9d1f_9Q&gdpr=0
Protocol
HTTP/1.1
Server
199.187.193.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAz7E7Im7sAACF9d1f_9Q&gdpr=0
Date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 03:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ngQga9H8aoaq&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ngQga9H8aoaq&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
199.187.193.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ngQga9H8aoaq&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b92640b-6700-4192-92ac-f56bd806be70&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b92640b-6700-4192-92ac-f56bd806be70&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b92640b-6700-4192-92ac-f56bd806be70&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
927626
content-length
0
expires
Sun, 30 Apr 2023 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F766 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2e5c488a-7e78-81e5-90d1-b4baa53e553a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VE431S9AE67JZZ7BA7Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
e24d52b3-f27e-a856-6108-20d8325a5393
pr-bh.ybp.yahoo.com/sync/openx/ Frame F766 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/e24d52b3-f27e-a856-6108-20d8325a5393?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:9d1e:a7ee:a4dc:6f3c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame F766 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=2e5c488a-7e78-81e5-90d1-b4baa53e553a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GYE4B3T7CA9JPYCVRYHG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F766
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=768a34f7-62d2-3a1f-50df-362dcd0d9eda&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame F766 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWFlNWU3M2QtYWJhNS02NGJiLTQ1M2YtNmM5NDA3ZWY1MGJh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F766
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPgkKbfyYJ1HVVfRaGd37Y&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPgkKbfyYJ1HVVfRaGd37Y&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBPgkKbfyYJ1HVVfRaGd37Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D2C1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52356
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:49:36 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FB82 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21627971&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bf01c288b2ee9cafef35b0f6ffb79ca8fcb2a1b99607bd940c2c994da2241a40

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 30 Apr 2023 03:17:00 GMT
content-length
1677
content-type
text/html; charset=UTF-8
rtset
bh.contextweb.com/bh/ Frame A288
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MlVtaENNUnhMdEJ6dlpvNnRXc2lHUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGDg6PatSMHXpthFWnoD0Xo&google_cver=1
49 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGDg6PatSMHXpthFWnoD0Xo&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEGDg6PatSMHXpthFWnoD0Xo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame A288
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3b25f4e109ac1060&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIulOa4EBlIgMMOEt6AAAAAAA&expiration=1682911020&nuid=&is_secure=true
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIulOa4EBlIgMMOEt6AAAAAAA&expiration=1682911020&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIulOa4EBlIgMMOEt6AAAAAAA&expiration=1682911020&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame A288 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ngQga9H8aoaq&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6YHGK7V2MN2VCBESENVD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5228208061499362106
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5228208061499362106
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1e06467-0ab7-4191-829b-7de0dbeff023
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5228208061499362106
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&gdpr=&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=a2100230-3207-41b4-845f-466189cf5828&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame AD09
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%2864VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&obuid=ENC(64VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=64VAaAO4b8J-jxnh7MhXDP-UHiTTn28WWPRaROzX767zCnPk2BLYcuLxZibgooJg
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=4dc13655-7864-4f56-8e77-3f84a75178d6
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&ssp=outbrain&bsw_param=4dc13655-7864-4f56-8e77-3f84a75178d6
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.127 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
no-cache
X-TraceId
0c7d3a5e2a591bc80ad10af824de28b2
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=81b79087-4ac7-0249-37a4-26c0055d9f9c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=81b79087-4ac7-0249-37a4-26c0055d9f9c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=81b79087-4ac7-0249-37a4-26c0055d9f9c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6e2f6c46-28b0-583d-4aef-12173050d3ad$ip$149.56.153.185
Date
Sun, 30 Apr 2023 03:17:00 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-W6i3dFNE2pecY6nyIziSG09.j6xVuEHjJiso~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-W6i3dFNE2pecY6nyIziSG09.j6xVuEHjJiso~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-W6i3dFNE2pecY6nyIziSG09.j6xVuEHjJiso~A
content-length
0
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c79ccfdb-d24b-4fe5-8e25-4768c5a15144
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c79ccfdb-d24b-4fe5-8e25-4768c5a15144
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=c79ccfdb-d24b-4fe5-8e25-4768c5a15144
Date
Sun, 30 Apr 2023 03:17:00 GMT
Connection
keep-alive
X-CI-RTID
2807e2fc-1ea3-45c8-a3ef-c035a724dd28
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
840331180
location
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame AD09 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:17:00 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ESUImoe5nChfpHFV_GHT&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVCVGVKJNVXWKNLOINUGM4CIIZLF6R2IKQ
  • https://usersync.gumgum.com/usersync?b=zem&i=ESUImoe5nChfpHFV_GHT
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=ESUImoe5nChfpHFV_GHT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=ESUImoe5nChfpHFV_GHT
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=bbe711ff-0958-43d1-a2ae-12ea1e8a0fe1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=bbe711ff-0958-43d1-a2ae-12ea1e8a0fe1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=bbe711ff-0958-43d1-a2ae-12ea1e8a0fe1
access-control-allow-origin
*
date
Sun, 30 Apr 2023 03:17:01 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ngQga9H8aoaq&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ngQga9H8aoaq&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=ngQga9H8aoaq&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-ghvkq
expires
-1
usersync
usersync.gumgum.com/ Frame AD09
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=123648273493992716
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=123648273493992716
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=123648273493992716
date
Sun, 30 Apr 2023 03:17:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AD09 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_349be9a1-420f-4de7-bff4-0fe61e91a85b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WZ3AMQYX4889NQ91BCYS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7E4E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g7e5de49f3d7225ba876
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DZXCDJDHNGXDK4T2E2XG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 7E4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEGNMfpuZeTsuSLVSkVQxBA8&google_cver=1
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEGNMfpuZeTsuSLVSkVQxBA8&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.5.252.145 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEGNMfpuZeTsuSLVSkVQxBA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 7E4E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH2UBVNW-24-42XM
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LH2UBVNW-24-42XM
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.5.252.145 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LH2UBVNW-24-42XM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7E4E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g7e5de49f3d7225ba876
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g7e5de49f3d7225ba876
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
sync
ads.yieldmo.com/v000/ Frame 7E4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g7e5de49f3d7225ba876
  • https://ads.yieldmo.com/v000/sync?tdid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.5.252.145 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
pixel
cm.g.doubleclick.net/ Frame 7E4E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzdlNWRlNDlmM2Q3MjI1YmE4NzY=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
~f05d4i1.js
wsdk-files.webengage.com/webengage/8261785d/ 		1 KB
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wsdk-files.webengage.com/webengage/8261785d/~f05d4i1.js?r=1642049485000
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e0ed4f8a9e91d5e00fc839edbc3944d821e376be486fc60c77a46431d74cb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
via
1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
x-amz-version-id
cwrufCnknLI483GjDgcRJntLrRi37ovD
cf-cache-status
HIT
x-amz-cf-pop
YTO50-C2
age
218190
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
484
last-modified
Thu, 13 Jan 2022 10:21:22 GMT
server
cloudflare
etag
"b2b0a9528e46778b26720c472a9cdc56"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7bfca1168bbe4bb8-YUL
x-amz-cf-id
14Mcs6gT570nAUtjhPQnj7p6HgiBAq6MIcxF4K3ukfcBtWfcG-CcJQ==
view
securepubads.g.doubleclick.net/pcs/ Frame E448 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfUMEQLnNB7F8CTtmpn4LrV0eEFa9biVNeWsljiJe86jO4jTPMtaCGnPpqOjLlzpBZL9g8FQFG9KLF7ro7Pbe6Jhd1kqcV2slsaZG6BsTOHMtRZSrdErgJoZAugQ0weTyZY0unK5udpnmoSgWwu1jTv1DHMQNqm1HeljuYyM6cF4wObQ_5TNa3Rxx4jPQWfXAjzLbtHT7iNA6NPmYrQGIB4-YMQDtWAT7XI5uZ129_CdlJpTnv-hSyfe28h-KlOUhuk8WwgaSe-QR0hDvnfbwyFsceloA3P5aTz-ptX1hHcAvcjvGJbqTubJ5PzOQyBlGyyqLmKQDVFpqCvPJ-a1Y0Ru5zYMki6T0DL2ktz2CF_-jBp4DdOnZeCzgzqRloVHHKtCs&sai=AMfl-YSi3t-NjfimhFFlWq7H4NB7nrj1n5WZXZDm2QJr6UleKBrtjcrp7_155SHARS1NCAkEMENVgpJvW0mnKJb3-m4349pA5isfmE-5JTCJkTuTsQzS1CxY2RfclRcVyw&sig=Cg0ArKJSzEhz_WHakUWXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame E448 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
47406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 14:06:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame E448 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
28164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:27:36 GMT
l
www.google.com/ads/measurement/ Frame E448 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcJK0a8c4cB7fbsfHjbG7ym4-PJVqKs1aocTcHxtlBIas_TI86yMTsw7uEXV6O6shGApw4UtNraswunKKh2dYcfh_2OA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E448 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 03:17:00 GMT
16844537867703157070
tpc.googlesyndication.com/simgad/ Frame E448 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16844537867703157070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e9cb6b6a57ffd770bf3e2f5a132b366b16e751830287a41ae18cd6d8385355a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 23:12:51 GMT
x-content-type-options
nosniff
age
101049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20581
x-xss-protection
0
last-modified
Fri, 07 Apr 2023 04:41:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Apr 2024 23:12:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 74EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJPhN8WsvVlod_U3uWOiWP-fcP5jb9gX6q4SCPk_v0XSmmJV57mHmt_lzRSE9JxY9FmVndgkVS90BrFeLAGLpwUy6r7h4srFK4jLXu8UUzgBJTs_duScc33v8o6znDJmGEmqzfeLmUKTWVhc2SSMXVXIsDp4-eSXBdBVswTOPv3zH4LcG4rZ5Kyvk7NUzg3Rpfl0PZ7pvMLOfNwksPjPfW48Z8P4kQhlxI7y83pNxNy7aDixT77qAdnwPG3DADG9LBppZv0i86F9TPxiXzuygXH-Gpy6NJDyivTCH_9XT4B0637Q8Bd4KvQBF6nOmAEM8NZmQm5U_Q-13WGO18HVWbK1RoSxfkkoWNLYjKr-KBYDunBOqjjQoAbJsuD6YJMrq7IX0&sai=AMfl-YSCwerkQf6874di8kLb_dtLiwpN3ZNnX8Rk-uevxD9bMvLPpPI42EccwUhtayke7VC7q8wwBFN-hU-u7bBc_UKuNJe6MHm7MeCVgeBxA0PqJWLYUtCmPlNNVeJC5A&sig=Cg0ArKJSzLdX4h_4W8ajEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
16844537867703157070
tpc.googlesyndication.com/simgad/ Frame 74EC 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16844537867703157070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e9cb6b6a57ffd770bf3e2f5a132b366b16e751830287a41ae18cd6d8385355a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 23:12:51 GMT
x-content-type-options
nosniff
age
101049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20581
x-xss-protection
0
last-modified
Fri, 07 Apr 2023 04:41:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Apr 2024 23:12:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 74EC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
47406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 14:06:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 74EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
28164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:27:36 GMT
l
www.google.com/ads/measurement/ Frame 74EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwNpvU94HThoaDJszuMYfkMhlymQoZNInhrjSVdsHk2Il998fy7Z_0_8uEboc0-kAuMaHCmQ4h6qS7bRb8zDVhvCd9Vg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74EC 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 03:17:00 GMT
usersync
usersync.gumgum.com/ Frame 9DB3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=b8aa644d-ddac-4200-9e46-df8bdf303fe7&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=b8aa644d-ddac-4200-9e46-df8bdf303fe7&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Sun, 30 Apr 2023 03:16:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master ord-pixel-x13 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=b8aa644d-ddac-4200-9e46-df8bdf303fe7&gdpr=&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 99FC 		21 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Sun, 30 Apr 2023 03:17:00 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame B123
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE3drAAGheToBABa&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZE3drAAGheToBABa&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZE3drAAGheToBABa&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1682824621.669184,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 0A14 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8zNDliZTlhMS00MjBmLTRkZTctYmZmNC0wZmU2MWU5MWE4NWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1FF7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=69459
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Sun, 30 Apr 2023 22:34:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7B7F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
idsync
tg.socdm.com/aux/ Frame 1C50 		0
0
usersync
usersync.gumgum.com/ Frame 4439
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_349be9a1-420f-4de7-bff4-0fe61e91a85b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=6a267f58-9a27-4b1f-b242-d1be8c09a1de
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=6a267f58-9a27-4b1f-b242-d1be8c09a1de
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=6a267f58-9a27-4b1f-b242-d1be8c09a1de
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 03:17:00 GMT
user-sync
sync.adkernel.com/ Frame 9BE0
Redirect Chain
  • https://dm-eu.hybrid.ai/match?id=407&burl=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D153116%26dsp%3D520869%26t%3Dimage%26uid%3D%24%7BVID%7D
  • https://sync.adkernel.com/user-sync?zone=153116&dsp=520869&t=image&uid=c00c3da12606d9a78549
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=153116&dsp=520869&t=image&uid=c00c3da12606d9a78549
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153116&r=%2F%2Fcpm.adsolut.in%2Fuser-synced%3Fzone%3D153116%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://sync.adkernel.com/user-sync?zone=153116&dsp=520869&t=image&uid=c00c3da12606d9a78549
access-control-allow-origin
https://sync.adkernel.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
519
content-length
0
x-xss-protection
1; mode=block
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 34DB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GkKlUPZHQGMoja2dRFio4GZZ&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KF88SB343E8MNC01FQPB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 34DB
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682824620607&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=750B201F00374D3C9EC50C19E920AA21
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=750B201F00374D3C9EC50C19E920AA21
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=750B201F00374D3C9EC50C19E920AA21
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 03:17:00 GMT
merge
ce.lijit.com/ Frame 34DB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D986d74...
  • https://ce.lijit.com/merge?pid=16&3pid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 03:17:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=986d7445-fd9d-4859-9705-5a4eb3759be0-644dddac-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 34DB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=Sgwg2la3C3RuQ141fRFL&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=Sgwg2la3C3RuQ141fRFL&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=Sgwg2la3C3RuQ141fRFL&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT, Sun, 30 Apr 2023 03:17:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 34DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5228208061499362106&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5228208061499362106&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b51044dd-419f-4f46-9af8-f11b0ef45feb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=5228208061499362106&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 34DB
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.44 Yorktown Heights, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
khaos.jpg
token.rubiconproject.com/ Frame D2C1 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame 5666 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame F980
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Sgwg2la3C3RuQ141fRFL&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Sgwg2la3C3RuQ141fRFL&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 03:17:01 GMT Sun, 30 Apr 2023 03:17:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Sgwg2la3C3RuQ141fRFL&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5421
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 03:17:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 03:17:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame D22C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
10be60e346fdff543ca35e2091c080ce876d34eb8ae5738792e960a8abd64399

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1755
Content-Type
text/html
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
0
Keep-Alive
timeout=1, max=494
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
312Y9YFTpML._SL160_.jpg
m.media-amazon.com/images/I/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/312Y9YFTpML._SL160_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2506:de00:1d:d7f6:39d2:2dc1 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
17a0d2449db9e6d41640f4af07e0525a3ea23f6f0813a7587d143806f1899213

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 07:36:39 GMT
via
1.1 343244031758b0b51a24ef2fac7819dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
2576421
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
3704
last-modified
Thu, 28 Apr 2022 09:02:43 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
82ec66f8-f21e-44a3-b80a-b99d17f050c5
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
XxDg9wRq6tXEz7oSbzHOvLBcBP660SBiOGbmtIhsrUWUWwd6Pn80Tg==
expires
Wed, 25 Mar 2043 07:48:22 GMT
amazon-logo.png
images.hindustantimes.com/images/app-images/2021/10/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.hindustantimes.com/images/app-images/2021/10/amazon-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:791::1833 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9def66e6f815c8a84214b730ceb3e0c8b212370247a78c8fecb7e564c545fb4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
last-modified
Mon, 18 Oct 2021 10:34:53 GMT
x-serial
854
server
Akamai Image Manager
x-check-cacheable
YES
etag
"5e9ef288d07e7ebf6c823e3c301609c8"
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=866080
content-length
1160
expires
Wed, 10 May 2023 03:51:40 GMT
31CByeOevRL._SL160_.jpg
m.media-amazon.com/images/I/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31CByeOevRL._SL160_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2506:de00:1d:d7f6:39d2:2dc1 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
4c58c97cf8820bbf0e44e4ec95a2dacd7a2c2664455fbaecf92a3628deb6f378

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 18:37:01 GMT
via
1.1 343244031758b0b51a24ef2fac7819dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
981599
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
2088
last-modified
Wed, 05 Jan 2022 08:20:33 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
75c6ea35-a9bf-44b2-a51c-550f8d9547a1
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
zhwBoC67XuStaCfgC6TFqo4fIShGY5v2UX0CJU6_KddotwY-hmo8Og==
expires
Mon, 13 Apr 2043 18:35:57 GMT
31e38UL9TdL._SL160_.jpg
m.media-amazon.com/images/I/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31e38UL9TdL._SL160_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2506:de00:1d:d7f6:39d2:2dc1 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
3b41fc15a014f0fe32a7b5335422d3a6c4f4d993648b0fcf8201b04aeeee14e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:02:03 GMT
via
1.1 343244031758b0b51a24ef2fac7819dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
29697
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
2619
last-modified
Fri, 06 Jan 2023 14:04:20 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
384ab940-dfe9-43d5-b808-36919cbfa106
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
hgvsm_HQ30DVMlcyHz2su9uBxixBjJ7zq24eZ_CoT2NKKfuSf_jj4w==
expires
Fri, 24 Apr 2043 18:50:08 GMT
31+zQ-U0YxL._SL160_.jpg
m.media-amazon.com/images/I/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31+zQ-U0YxL._SL160_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2506:de00:1d:d7f6:39d2:2dc1 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
f690a08d144f2ab8553a069812fc2a5aca8d6e75e591e2756183ac8ad38ee6e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 17:02:40 GMT
via
1.1 343244031758b0b51a24ef2fac7819dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
987260
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
2083
last-modified
Fri, 03 Feb 2023 20:43:06 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
acbba6aa-f6d5-429b-9708-25f205fab0cb
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
kjIwoChkbJK80Usu3YYNVqtcNsUGbbCFfczc-C34NxGHIqY34V3V2g==
expires
Mon, 13 Apr 2043 17:00:37 GMT
async_usersync
ib.adnxs.com/ Frame 1CC3 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
AN-X-Request-Uuid
ffb2031f-d7aa-4154-9e3f-8ba9f5ab1cbf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
l4.jpg
c.webengage.com/ 		43 B
398 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/l4.jpg
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.184.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-184-9.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
x-xss-protection
1; mode=block
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame A180 		85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 30 Apr 2023 03:17:00 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1682824621.856964,VS0,VE14
Pug
image2.pubmatic.com/AdServer/ Frame EED7
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188715267948443
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188715267948443
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 03:16:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 30 Apr 2023 03:17:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969188715267948443
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
ecm3
s.amazon-adsystem.com/ Frame E518 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1EC31412-D5A5-431C-B807-57F99054DBF9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 03:17:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QD9F1QGSHG9XN4C44D2K
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HsMUEtWlQxy4B1f5kFTb-Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=69458
accept-ranges
bytes
content-length
5554
expires
Sun, 30 Apr 2023 22:34:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame FB82
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1EC31412-D5A5-431C-B807-57F99054DBF9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&ttd_puid=dbc01663-c844-4c7b-8d51-915c42e47094%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame FB82 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=1EC31412-D5A5-431C-B807-57F99054DBF9&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame FB82
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1de8fb0e-c49b-4e27-9dff-f3522c4d1540
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1de8fb0e-c49b-4e27-9dff-f3522c4d1540
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.0.82.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 30 Apr 2023 03:17:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1EC31412-D5A5-431C-B807-57F99054DBF9&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1de8fb0e-c49b-4e27-9dff-f3522c4d1540
date
Sun, 30 Apr 2023 03:17:00 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame FB82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUVDMzE0MTItRDVBNS00MzFDLUI4MDctNTdGOTkwNTREQkY5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FB82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKO7zWNkbnZN9YvF0l55YHg&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKO7zWNkbnZN9YvF0l55YHg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 03:16:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKO7zWNkbnZN9YvF0l55YHg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FB82
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:750B201F00374D3C9EC50C19E920AA21
42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:750B201F00374D3C9EC50C19E920AA21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 03:17:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:750B201F00374D3C9EC50C19E920AA21
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 03:17:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FB82
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7035511301371244188&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7035511301371244188&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 03:17:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7035511301371244188&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOgHFjuz-m0LBZhmEbB0Eqo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D22C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3drD4L2EtJ03xMOguA5AAADwsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XJ7MJ45YG5B5HQQ3BVDY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE3drD4L2EtJ03xMOguA5AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGnk7xI7DUJr3P0qC7tDh8w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416621&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416621&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&expiration=1685416621&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
rum
dsum.casalemedia.com/ Frame D22C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ec64dd5e-e417-4ad3-be4f-a40fc68e043f&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4dc13655-7864-4f56-8e77-3f84a75178d6&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12831-YUL
pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682824621.008211,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3drAAGheToBABa
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&expiration=1714447021
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&expiration=1714447021
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33aa4adb-0818-448e-95a3-5eb179cb7f90&expiration=1714447021
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame D22C
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3drD4L2EtJ03xMOguA5AAA%263851&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7c689596-9a14-4ec5-b113-99c94e6cbc40-tuctb47632d
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7c689596-9a14-4ec5-b113-99c94e6cbc40-tuctb47632d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7c689596-9a14-4ec5-b113-99c94e6cbc40-tuctb47632d
date
Sun, 30 Apr 2023 03:17:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27473
htw-pixel.gif
cdn.indexww.com/ht/ Frame D22C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZE3drD4L2EtJ03xMOguA5AAA%263851
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.hindustantimes.com%2Fbusiness-news%2Fmicrosoft-says-it-found-malicious-software-from-solarwinds-in-its-systems%2Fstory-AcYtEwmLM9MGZBFXldoJyH.html&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
35352
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bfca119dd75543d-YYZ
content-length
43
expires
Mon, 01 May 2023 03:17:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E448 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwwGKT9gK11tdeRnpIOWJ59mLa7Yl_iZeR_ShFLGybX-2Yw8NiPtRJG1sedYBxBgMTBXiBHh5DvuNRdrMhz23Oz7XLs7mM2vDHKdD07pzZuuybUy6xfrN74DtqHMMVqS3J7xpzqLyLh06q3uyKnWdJrX6s2DQEeT7FqS8UswVOE8qbAl_zvB2qTmb63K84AjfkIFwktthogSYX0BoPJ5cywjML287TGCXW5CTU3aqQUzPEapyZLUV2nONVNGrI1lxmn7zkMnFK8Aw1B2Q2eYA5VUp3xMvppFNI4nnxO4xWzPrnS1hOm8DCUy8Tkn-GfAygBOKexqDMltCzcaJE4xD3hDqDk3M-kJPAXg8D8EwiXwziblwzIhtGk-Q7Nc_UzNpNq9oiLw&sai=AMfl-YS0cPPZLIOILyWC5K1VvVhpk5IP7MVBoUuI22G2NitwtQ-cysr9LSoo_Ht8kQPEqAbD5Vi7bfhoBIGQZnHLah4o927ZBozEv84t8z7jFB1zKyprmWBNn9RH4xX0Mw&sig=Cg0ArKJSzAOi8diTo6KBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:17:00 GMT
l4.jpg
c.webengage.com/ 		43 B
398 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/l4.jpg
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.184.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-184-9.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 03:17:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
x-xss-protection
1; mode=block
211246f4-5e07-41d9-95a4-26a1e09bb405.png
afiles.webengage.com/8261785d/ Frame 9975 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afiles.webengage.com/8261785d/211246f4-5e07-41d9-95a4-26a1e09bb405.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d32eba223bb38d84ac33c2d62ea01557cbf4438ef866c7578c5133035eec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
via
1.1 28b8fcaccf73021230d8e4a6c3d9e81e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YTO50-C1
age
418597
cf-polished
origFmt=png, origSize=10919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline; filename="211246f4-5e07-41d9-95a4-26a1e09bb405.webp"
content-length
4814
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Apr 2021 08:42:54 GMT
server
cloudflare
etag
"97d72af9b642a1d88fdcad311d0e0fbf"
vary
Accept
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7bfca11928b04bb8-YUL
x-amz-cf-id
Ii-nzxSyHdAaVRqYCA2RJxT0LDXVnp_SyO1fQBBBNkojGJx0tKbUhg==
view
securepubads.g.doubleclick.net/pcs/ Frame 74EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssieUh5UqibQWLuGVdUqhAoVb3BplzEoDp4mqpvGv_XolKMWbObZ95J100OUPsEp07YXupw5b6g-VJBszH65aOxRNC90GI4SW2fFCbbaWfJz7x1C-gbFWqXjTDxZFLhRhRE8S7eur_stmm8YXqbliEwMhscUGwTXnPI0BRY02CbVtwfB90Lb6fSclnup3P5T301OPX1a1KL5h5naSX3HriOmsjSabAW79xuVS0nuaX0JZTqUj4GmLwDtq5dvkvVblZ4GCLW1AGXSsE0zkxuJdlcftS-mM4jyS5DJ-H0QRG8CXZCAxM--zaJpxGL2B9AdKtjxCgfXC590UVsiJqOUMzgvOlBVF5f29vdzDTW2dowGd8VFEwwvgUX753tOUZpnH_OpdNeXQ&sai=AMfl-YS6jK8XR5Yrkl_vRnhkQxcEM71oMab4KBuune19CzLHUwbl4zVFWea49j50B_yaJ15TXjtWCbRx41E3DG5_l74yszQEQpkGJIviZoeEeuvFDOQ-N6pyP5sPBrkUhg&sig=Cg0ArKJSzI6yz4YuqiqSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:17:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AA1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
59949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 10:37:52 GMT
expires
Sun, 28 Apr 2024 10:37:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AFCB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28d89279604baba7b0f2ab73771169d7ccbd52b7005aaba9288fced77c7bbf7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qi-NOTH52G4i575oo2pg7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Qi-NOTH52G4i575oo2pg7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:17:01 GMT
expires
Sun, 30 Apr 2023 03:17:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ecm3
s.amazon-adsystem.com/ Frame D2C1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LH2UBVOH-11-A39I
  • https://s.amazon-adsystem.com/ecm3?id=LH2UBVOH-11-A39I&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH2UBVOH-11-A39I&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G98F51Y3DRZXNT2BVV51
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH2UBVOH-11-A39I&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
usync.js
eus.rubiconproject.com/ Frame 5421 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 03:17:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Apr 2023 17:49:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52355
Connection
keep-alive
Content-Length
10020
Expires
Sun, 30 Apr 2023 17:49:36 GMT
l4.jpg
c.webengage.com/ 		43 B
398 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/l4.jpg
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.184.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-184-9.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 11A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcL7N4CyPEOKfeBo_aR8D-nl2oaXO0EKzV8e07e-RAsFRdyOrIqBuuVHRlnleWssyZ7Roat9BiZtqpwYZUHlnj7yqQSCeKcAwKF_Ya-emM8GT2vRW6YSrumjcvKv5sBPKSzbZBpOVQHRI4rRl1GbWLR7jPCetBMh3_menW0WJ3YUd53UNK307D4S6Q8d6RK6oAJHvhzKWi-N8motPrJUAwi2A4ijqRBrYj-mWL8QADnsuIQ72SdizIQp1jSIKS3ilf3rHNpXCaguI3y0dcvxfw8JcvKz2UMEVHaM8_P8XByk3AjwmQBGmwvnXnwQbYXeC_JSaJURZgcAFkjDYdirR3OnDSPcva-A4dYouQ4M5W_G0U_J-Q9s0WhqYk6Q&sai=AMfl-YSFETm5OYs0nUFlQktFhy3Su9JtsO_Eg0cE-C6DnGgM12wz9-0B2DYyScgwDt1qtINPnYVHx5v2WrMpitAdnWbRmGipzvRn02WY5T8o6WahV7wPRfY8Ey5bDEELrGxJ9WE72vyAOU2fvN3EbmK63G8&sig=Cg0ArKJSzMdCixRHzJmUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
spt
tg1.aniview.com/api/adserver/ Frame 11A3 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62e7be7368c78503452d8b76&AV_PUBLISHERID=59c9148628a0612da3689288
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0539ee4a4df74a354644ee0555eb0c7c457d3a6349199638bbae86620506839

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
content-encoding
gzip
x-hw
1682824621.dop034.dc2.t,1682824621.cds204.dc2.hn,1682824621.cds052.dc2.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
7268
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 11A3 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 03:17:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022304132133000/ Frame B414 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d1ced72911892365fa799b44af92240a646d2a3b3ae47a8327a4ecda27bdd3bf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 02:51:45 GMT
age
87916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61769
x-xss-protection
0
server
sffe
etag
"92d474e178b13d24"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 02:51:45 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022304132133000/v0/ Frame B414 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 08:12:47 GMT
age
68654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 08:12:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022304132133000/v0/ Frame B414 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 19:56:29 GMT
age
26432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 19:56:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022304132133000/v0/ Frame B414 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 17:01:09 GMT
age
36952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 17:01:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022304132133000/v0/ Frame B414 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js?cb=31074163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 12:49:34 GMT
age
52047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 12:49:34 GMT
truncated
/ Frame B414 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c34275f15bb786e85d6a9b017ec67f8e78b8cd0330e1005dc5f9cc6da65c90d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
4149267847505506647
tpc.googlesyndication.com/simgad/ Frame B414 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4149267847505506647?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql6LWpkveuevbfaLVfJuxDvXDE5qA
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1887d8772d757ca9d6deabb42be9ee34e4098a185cd5bb95142455bb0dddb40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:43:08 GMT
x-content-type-options
nosniff
age
27233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23052
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:40:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 19:43:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B414 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:20:01 GMT
x-content-type-options
nosniff
server
cafe
age
17820
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 22:20:01 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B414 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:31:44 GMT
x-content-type-options
nosniff
server
cafe
age
24317
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 20:31:44 GMT
l
www.google.com/ads/measurement/ Frame B414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0mNCpWRSQAPjPU4j0VMsyAUKe0uJZG9HT_LeB81wtBWYKUxfL3vHBLoaNcWJMMcn6ckIZ-QqgDoLeEVIjcM1uWi00ww
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame B414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmTufrN1NZOqLIMzjzwXc56DIC7O_rJRw_KblhOsQoMrrn5s4EAEgvs-HGmD96KKB8AOgAfHHkf8DyAEC4AIAqAMByAMIqgSfA0_QQS0UOJvbjJxqLjyzyw3h7w6ZFsj4Tdaff1IHYz7ZV4EnrloqfqGRccQECPJ3b8lx7WNN83bAOx28mx1T62vPFDDLwwZWMzS0hDYiF2edk-eJBmrfA-O3q-HqcJatRjidLj3T7PSpTHQ3H8QdJ52O3-R65TkGRVUAxIEy94mXN-EmcFF6L2KqmJkkZPvaSgcUFy3e2UogkOz049rNzVtn_AHSWMVZlZyhM05Ij3LO9PAu_ichm5CPZYozJEqz7xL2Ht6gLybaa_bc9HYRUr4UdtebNtdUzv6WoGdkBF-wDdL9sLmunIvxxBI-f28YAYK0jzbBEsN2acBmCWIBxou9zIU8hHjTMBOG0vrChQeC1MLBRJn35790_dO6jAx99_t9DAYZOEaQ_5T-pmHi8i9fHXqNVQ48nSrSZFQhIns6_8lJxOTQocOdgidwBPJxuiboaUvx3ancHqG6_YHusvHVN9DY47YeJ187ORGarxPrEFtpnOjRa5M37TT53YaqPT7ax2Ywz33cK3nAK7ZGwZ0HtdtG-Em7zaQP9rl_GRDABKS1ppitBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf3t26oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCxzFDSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTc4MzUxNTQwMzU0MTAwNhii7wg&sigh=GVsrWHVLho4&uach_m=[UACH]&cid=CAQSTgBygQiD4q37vmSfFwusxTbEHtp5B56rLHa-LUUOgZptqgT1xOtm-Dknv9EaVZUtq5kzJMGNygr_Hg0ESwyD_eiDInuSKSWv0YmJJd5o5xgB
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
container.html
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0033 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 03:17:00 GMT
expires
Mon, 29 Apr 2024 03:17:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame D2C1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyVUJWT0gtMTEtQTM5SQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDCch21M4vNQFp9_86J4Eek&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVUJWT0gtMTEtQTM5SQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVUJWT0gtMTEtQTM5SQ==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyVUJWT0gtMTEtQTM5SQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
ecm3
s.amazon-adsystem.com/ Frame D2C1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=g71-3bWDSga1MNm5C4XPqA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g71-3bWDSga1MNm5C4XPqA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g71-3bWDSga1MNm5C4XPqA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QPXK3X46VBMQMWJ8CR7E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=g71-3bWDSga1MNm5C4XPqA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2C1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9Xreco49mpJzZnNKaBpcH8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KLssO4lE2oJUTBtHcK.CQyVSO9wSkbHMaVn8QQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KLssO4lE2oJUTBtHcK.CQyVSO9wSkbHMaVn8QQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 30 Apr 2023 03:17:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KLssO4lE2oJUTBtHcK.CQyVSO9wSkbHMaVn8QQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D2C1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KVDVF0WAWMV4T3D6BXG4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D2C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e543a39a-0e1d-4ae3-a551-4e898f0fa1e6&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame D2C1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UBVOH-11-A39I
0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UBVOH-11-A39I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4F91063E21914E2596DF142EB8F5B1CC Ref B: YMQ01EDGE0508 Ref C: 2023-04-30T03:17:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hSPH6qgyNPgfdRyoTQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2UBVOH-11-A39I
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBh8T0ZtbegRCvERxoQfeVg&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBh8T0ZtbegRCvERxoQfeVg&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBh8T0ZtbegRCvERxoQfeVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5421
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LH2UBVOH-11-A39I
  • https://usersync.gumgum.com/usersync?b=mag&i=LH2UBVOH-11-A39I
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LH2UBVOH-11-A39I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 30 Apr 2023 03:17:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LH2UBVOH-11-A39I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
pixel
cm.g.doubleclick.net/ Frame D2C1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQzZDA1ODdkYTJkOTNmNzQ3MWZhMTRkYzk3NTgzNzAzMTVhOWQ2ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQzZDA1ODdkYTJkOTNmNzQ3MWZhMTRkYzk3NTgzNzAzMTVhOWQ2ZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:17:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQzZDA1ODdkYTJkOTNmNzQ3MWZhMTRkYzk3NTgzNzAzMTVhOWQ2ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user-synced
cpm.adsolut.in/ Frame 9BE0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cpm.adsolut.in/user-synced?zone=153116&uid=A8322413069602550473
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=153116&r=%2F%2Fcpm.adsolut.in%2Fuser-synced%3Fzone%3D153116%26uid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 30 Apr 2023 03:17:01 GMT
Pragma
no-cache
Server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame AFCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=3747330957368739&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame AA1B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
284909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:08:32 GMT
truncated
/ Frame 11A3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
425530578b3ed1d1b9103c611d1f25b2e4e1a4bd89cf4485af13782cd26a368e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/ Frame DF4D 		186 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
97ebb315b89a9df6345ad2ebdf245bf68c5f48a9f16eee76661b2b9b37764ea4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
27768
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:23:51 GMT
expires
Sun, 28 Apr 2024 17:23:51 GMT
last-modified
Mon, 24 Jun 2019 15:15:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0033 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYENrrN1NZMGRIMzjzwXc56DIC9vBs9dt2q-4rNYQhIP8n68aEAEg2vGODGD96KKB8AOgAee-yu8DyAEJ4AIAqAMByANIqgSdA0_QU_Gxwto2qZJ8chhvgfOKPX9mWq8nMwPIZ3Nfdu6qWQsnYkhc5uQmq5_Aj_z9_fiqHMDgNeEB8ddpd_yT-4r4-SNuKUPztukyqCZKEhz7p8WljxXnH2AdSXss8ETY8YZzT26zca9uCSfnuDfS4L9LC0IjS3d-sPaYK_foGVsUily026byQNMQMZx7aYUexXVcM1ULLwuw1RJExHPQkGPMhgdzIxETfgXruJaTpJHyVQcYrKk3o1eX8xAmBNAHTtgkVe-4tyRAnu7LsM0HXQdq_YESm7-TsjlwhJVUeJ1GUN08bSpjo7Uk8Gz5jZDe_i0KzXh2XJ_IdwhrKSlmONUX27L9pPwKWJVbxsWa3Z46tfD3OcEQmTCLCCIcg6n2gguANXihPDF2rjecVbRHF8JUExrdRw1AygzpdATbgEvKdxpa1sUBUA2wGYX-mvkq_UpMFquip8W7xrNYnqCLydHCR10LpkV003N5LpnvcZTGGJ6jaGEDo-GwlfmQktOtcVAxynJFSUE7uWr16SsONKStuw6hsHOAJsmbugMdwAS2iLiQhwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgcG1EKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKbgDtIIDwiAYRABGB0yAooCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05NzgzNTE1NDAzNTQxMDA2GKLvCA&sigh=SGg1scHodL4&uach_m=[UACH]&cid=CAQSTgBygQiD4q37vmSfFwusxTbEHtp5B56rLHa-LUUOgZptqgT1xOtm-Dknv9EaVZUtq5kzJMGNygr_Hg0ESwyD_eiDInuSKSWv0YmJJd5o5xgB&template_id=419
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 0033 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
URL: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
47407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 14:06:54 GMT
get
feed.avplayer.com/backend/ Frame 11A3 		0
0
avcplayer.js
player.avplayer.com/script/8.3/v/ 		772 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:00 GMT
etag
"1682068440"
x-hw
1682824621.dop075.dc2.t,1682824621.cds164.dc2.hn,1682824621.cds228.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
202939
track
track1.aniview.com/ Frame 11A3 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=63202a62e130df2751342ac7&cid=63202a92278d4d206e64f6b7&cb=1682824621546&r=www.hindustantimes.com&stagid=62e7be7368c78503452d8b76&stplid=62e7be59877ead29c15456c7&d35=&d65=Hca050Test2&d66=8&d74=&e=playerLoaded&str=viewable
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.157.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
css
fonts.googleapis.com/ Frame DF4D 		3 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
636ada264d6032540bbcc1efd6860bf9843387f2180554799e517e4d1fc41aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:17:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 03:17:01 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DF4D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
32777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 30 Apr 2023 18:10:44 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DF4D 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5933284304937267351/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
42464
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 30 Apr 2023 15:29:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B414
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.hindustantimes.com
URL: https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
Protocol
H3
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 03:17:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CE2E 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
URL: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:32:23 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0033 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
URL: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
28165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:27:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0033 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
URL: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
28165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:27:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 11A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoRjI_oIWre8FSFV_wfwKfjOR7N8O6NOB4jU5tU5_iTg1t2aiIxEcekx3vYqw8xbQgssUwNSLlYESxnMzrrCA1HoDPR6C0IYvKYb1KRuk9JQHNvCd0G8-AkSy_JxJZJZ0qaE86N2HZ4hDGVYiTplGMipnnnREfXPiAUSGkbDHN7YFARNgByxvItufCEfrY48f9eeCLlXGHElX30DOeo7bCFxSBQ9oWghiZISVSAquGq1LnTsxlvvpk-opr8ucXV6g1Nj7XjI0F5tcfj0CIx7ogthEo5pucGIneXmY1uE88JUdkW4X-R1lcIgemx37OoEkwundRgqhWeePdTAXhtV3s93XYRXEUgfpAsnfubB86-eNu6sEGZmF9aqbLGTov&sai=AMfl-YQwokBwvBy1xtCM78DXX0gn5aRoZBM3WkiY3kclRksKXOnYIIwnPWV6CkrC7c2u2BdI9i0i4wum5t9MrDpUslWMOENFRd8eyDqIIifw26kIdVmR5Fipg5JIvJICOYqE3gXS6KX33l4FH8J_m2GAIBo&sig=Cg0ArKJSzKJiNPF_ypjuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.hindustantimes.com/business-news/microsoft-says-it-found-malicious-software-from-solarwinds-in-its-systems/story-AcYtEwmLM9MGZBFXldoJyH.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 03:17:01 GMT
generate_204
tpc.googlesyndication.com/ Frame AA1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pifqpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:17:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame DF4D 		0
0
async_usersync
ib.adnxs.com/ Frame 1CC3 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
feed.avplayer.com
URL
https://feed.avplayer.com/backend/get?cmsType=carousel&id=62e7be03c64c2380e0037812&AV_TAGID=62e7be7368c78503452d8b76&pid=63202a62e130df2751342ac7&cid=63202a92278d4d206e64f6b7&AV_TEMPID=62e7be59877ead29c15456c7&AV_PUBLISHERID=63202a62e130df2751342ac7
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

367 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless object| _sf_async_config object| _cbq object| PWT object| googletag string| GoogleAnalyticsObject function| ga object| _comscore object| dataLayer boolean| gtmFire function| htGTMScript function| htAnalyticsScript function| setCookie function| getCookie function| removeCookie function| removeCookie10 function| htLotameFunc function| htLotameConfig function| loadScriptLazyLoad boolean| adFree undefined| xadFree object| google_tag_data object| gaplugins string| apiBaseUrl string| webbaseUrl string| webDomainURL boolean| isAdScriptLoaded string| pageName string| storySection string| sectionName string| pageURL boolean| istokenValid boolean| isPayWallVisible object| trackData object| paywallData string| storyMainSection string| parentSection string| primaryPageSection function| htGPTScript function| q object| apstag function| htPWAScript object| refreshAdSlot function| initAdserver boolean| isMobile boolean| isTablet boolean| isDesktop boolean| isLargeDesktop object| WFClientTypeDef string| type function| isDeviceEnabled object| adSlot function| htAPSScript function| getBids boolean| roadblock function| getCityCode object| cookieVal string| requestUrl object| xhr function| getOfferDetails object| NREUM object| newrelic function| __nr_require string| moeUUID string| signURL function| closeTooltip object| myOffer object| x undefined| element object| _taboola function| popUpAnalytics function| require function| copyClipBoard number| gpTimer number| flDelay number| etimer boolean| educationTemp boolean| worldNewsTemp function| loadCssFile object| GlobalSnowplowNamespace function| snowplow object| COMSCORE object| ns_p function| requirejs function| define boolean| premiumCalled boolean| economistHomeCalled boolean| GlobalShineWidget string| rightLeft function| $ function| jQuery object| liveBlogAd object| rightPanelAdCodeTopGamesSection object| rightPanelAdCodeGamesSectionBottom object| rightPanelAdCodeBottomGamesSection object| gaGlobal object| gaData string| abSectionFromMore string| url number| intCount function| trackSnowPlow number| lastAdPlacedPosition object| Snowplow object| object function| dapDataTracker object| dapTracker string| version object| lotame_16343 function| lotameIsCompatible function| lt16343_ba function| lt16343_b undefined| lt16343_c undefined| lt16343_ca undefined| lt16343_da function| lt16343_ea object| lt16343_e function| lt16343_fa function| lt16343_g function| lt16343_ha object| lt16343_ object| lt16343_na object| lt16343_oa object| lt16343_Na object| lt16343_Xa object| lt16343_Ya object| lt16343_7 function| lt16343_aa function| lt16343_a function| lt16343_d function| lt16343_f function| lt16343_h function| lt16343_ga function| lt16343_ia function| lt16343_i function| lt16343_ja function| lt16343_j function| lt16343_k function| lt16343_l function| lt16343_m function| lt16343_n function| lt16343_la function| lt16343_ka function| lt16343_o function| lt16343_p function| lt16343_ma function| lt16343_q function| lt16343_r function| lt16343_s function| lt16343_t function| lt16343_u function| lt16343_sa function| lt16343_pa function| lt16343_qa function| lt16343_w function| lt16343_ra function| lt16343_x function| lt16343_y function| lt16343_z function| lt16343_A function| lt16343_v function| lt16343_B function| lt16343_C function| lt16343_ta function| lt16343_D function| lt16343_E function| lt16343_ua function| lt16343_F function| lt16343_G function| lt16343_va function| lt16343_H function| lt16343_I function| lt16343_J function| lt16343_L function| lt16343_M function| lt16343_N function| lt16343_K function| lt16343_wa function| lt16343_xa function| lt16343_O function| lt16343_ya function| lt16343_za function| lt16343_Aa function| lt16343_Ba function| lt16343_Ca function| lt16343_Da function| lt16343_Ea function| lt16343_Ia function| lt16343_Fa function| lt16343_Ga function| lt16343_Ha function| lt16343_Ja function| lt16343_La function| lt16343_Ka function| lt16343_Ma function| lt16343_P function| lt16343_Oa function| lt16343_Pa function| lt16343_Qa function| lt16343_Ra function| lt16343_Sa function| lt16343_Ta function| lt16343_Ua function| lt16343_Va function| lt16343_Wa function| lt16343_Q function| lt16343_Za function| lt16343__a function| lt16343_0a function| lt16343_R function| lt16343_S function| lt16343_1a function| lt16343_T function| lt16343_U function| lt16343_2a function| lt16343_3a function| lt16343_4a function| lt16343_V function| lt16343_W function| lt16343_X function| lt16343_Y function| lt16343_5a function| lt16343_8a function| lt16343_7a function| lt16343_6a function| lt16343_Z function| lt16343__ function| lt16343_0 function| lt16343_1 function| lt16343_4 function| lt16343_$a function| lt16343_bb function| lt16343_ab function| lt16343_db function| lt16343_cb function| lt16343_2 function| lt16343_fb function| lt16343_hb function| lt16343_gb function| lt16343_3 function| lt16343_9a function| lt16343_eb function| lt16343_ib function| lt16343_jb function| lt16343_kb function| lt16343_lb function| lt16343_5 function| lt16343_6 function| lt16343_mb function| lt16343_nb function| lt16343_ob function| lt16343_pb function| lt16343_qb function| lt16343_rb function| lt16343_sb function| lt16343_tb function| lt16343_ub function| lt16343_vb function| lt16343_8 function| lt16343_yb function| lt16343_zb function| lt16343_xb function| lt16343_wb function| lt16343_Bb function| lt16343_Ab function| lt16343_Db function| lt16343_Cb function| lt16343_Eb function| lt16343_Fb function| lt16343_Gb function| lt16343_Hb function| lt16343_Ib function| lt16343_Jb function| lt16343_Lb function| lt16343_Ob function| lt16343_Nb function| lt16343_Kb function| lt16343_Rb function| lt16343_Mb function| lt16343_Pb function| lt16343_Tb function| lt16343_Sb function| lt16343_Ub function| lt16343_Qb function| lt16343_Vb function| lt16343_Wb function| lt16343_Xb function| lt16343_9 function| lt16343_Yb function| lt16343_Zb function| lt16343__b function| lt16343_0b function| lt16343_1b function| lt16343_$ function| lt16343_2b function| lt16343_3b function| lt16343_4b function| lt16343_5b function| lt16343_6b function| lt16343_7b function| lt16343_8b function| lt16343_9b function| lt16343_ac function| lt16343_bc function| lt16343_cc function| lt16343_$b object| google_tag_manager object| ggeac object| google_js_reporting_queue object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT object| GooglebQhCsO function| loadHTNotificationScript object| webengage boolean| apstagLOADED object| apscustom object| _aps object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv undefined| google_measure_js_timing object| gutterAds object| pbsLatency object| firebase string| baseUrl string| applicationId object| config boolean| isOpera boolean| isFirefox boolean| isChrome string| originProtocol function| activateNotifications function| webpackJsonpFirebase object| closure_lm_737653 function| onYouTubeIframeAPIReady object| google_optimize object| _weq object| PublisherCommonId object| webengage_fs_configurationMap boolean| initAdserverFlag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms undefined| data

139 Cookies

Domain/Path Name / Value
.hindustantimes.com/ Name: ht-location
Value: CA
www.hindustantimes.com/ Name: HTMyOffer
Value: myOfferHT
.hindustantimes.com/ Name: ak_bmsc
Value: 41AEEB871E6BFCEEAC88B5D70BE9EA58~000000000000000000000000000000~YAAQrXR+aKsXLaaHAQAA1tsp0BNZzUrL1tFyzVbQDQkAaI+qhkZ8RlJ3rtpqxR1A4C//NkHqhVWQMq5Ly+/HMTexI9aUtL2+lmm/lV/LV19MeyPqUtEl+PHLdpmAmg4CjacbmWCmOCDx4YDNa4msJbKOGbum37LwlYXlt+MkISDkoUegTJjofRB9g3Z1cLKZ+1dBleuMdndEz8eXej5Glk/FqXgkgoXs6R9JTl69qy0WEGgfe+OAM7EOgxZZCUeEo65KEXN4SnGTHJmCOrViPqd8Dm/vWdGWjeTifRC8WlUrWILe5EKCvZMnuj+EOYAwphHkoCbLXP3VRjWxCIIhKsN6NT2QaWLKur9SF7yUHA9YNsNH4okHmRStXAuQypBN+MdW8yNwMnCxgutzTBN5gNvyl+d9MYLo94FIAidWL0x+bWXF
.scorecardresearch.com/ Name: UID
Value: 16F7faefc0d4a96bffaa12a1682824616
.hindustantimes.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.hindustantimes.com/ Name: _gid
Value: GA1.2.1097292624.1682824617
.hindustantimes.com/ Name: _gat
Value: 1
.hindustantimes.com/ Name: articleCount
Value: 1
.hindustantimes.com/ Name: usercountry
Value: CA
.hindustantimes.com/ Name: usercity
Value: QC
www.hindustantimes.com/ Name: _sp_ses.e8bf
Value: *
.hindustantimes.com/ Name: _ht_fp
Value: 3e33f1de-d7d5-4cb2-ba8b-5a6e78d77f92
.hindustantimes.com/ Name: ppid
Value: e24860483f2324e2c8ec01573c10115f935405b435b17d04c2db91b51615114a
.hindustantimes.com/ Name: _domain_fp_id
Value: 3e33f1de-d7d5-4cb2-ba8b-5a6e78d77f92
www.hindustantimes.com/ Name: _sp_id.e8bf
Value: 2e3bd9ea-7c64-4ab8-8caf-1dfc83babc92.1682824617.1.1682824619.1682824617.a7013744-e40c-4d03-a922-85cac87a843c
.hindustantimes.com/ Name: gptScript
Value: true
.hindustantimes.com/ Name: cdpCountrytrack
Value: true
.hindustantimes.com/ Name: lotameast
Value: 1
.hindustantimes.com/ Name: lotame_domain_check
Value: hindustantimes.com
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d1799f33bfd03ba588bba2824349c65d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDE0t7RMMzZOSksxME5KNLWwSEpKNLIwMjE2sUw2M01hAIIU37urQTQE8K7s2arLeL2e4T8jI8Omub91YOx1SOwnLz7C1Vw69YgNpubc0UPMMPaPjVNYYOzd%2By4LwNiHF8%2BBi69e%2F5QbJj75hDqM%2BW4JQsnvL6cNYOIAI6tH9w%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI8b27GkhBABMDL%2B8PEJOX9zuQBABKygRf"
.hindustantimes.com/ Name: _gcl_au
Value: 1.1.1411037945.1682824620
.www.hindustantimes.com/ Name: _cc_id
Value: d1799f33bfd03ba588bba2824349c65d
.www.hindustantimes.com/ Name: _cc_cc
Value: ACZ4XmNQSDE0t7RMMzZOSksxME5KNLWwSEpKNLIwMjE2sUw2M01hAIIU37urQTQE8K7s2arLeL2e4T8jI8Omub91YOx1SOwnLz7C1Vw69YgNpubc0UPMMPaPjVNYYOzd%2By4LwNiHF8%2BBi69e%2F5QbJj75hDqM%2BW4JQsnvL6cNYOIAI6tH9w%3D%3D
.www.hindustantimes.com/ Name: _cc_aud
Value: ABR4XmNgYGBI8b27GkhBABMDL%2B8PEJOX9zuQBABKygRf
.www.hindustantimes.com/ Name: panoramaId_expiry
Value: 1683429419593
.www.hindustantimes.com/ Name: panoramaId
Value: e89f2a2c09c636d2fb64e9b81f7516d5393858062c682932935a25e21a6f2ad9
.www.hindustantimes.com/ Name: panoramaIdType
Value: panoIndiv
.hindustantimes.com/ Name: _cb
Value: B6IIbaB0TDCfbWxFL
.hindustantimes.com/ Name: _chartbeat2
Value: .1682824619703.1682824619703.1.XJLrCEP7eDB6i66wDK-gDnDNtgnm.1
.hindustantimes.com/ Name: _cb_svref
Value: null
.hindustantimes.com/ Name: _gat_UA-1431719-1
Value: 1
www.hindustantimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.hindustantimes.com/ Name: _ga_CGQQPTKRWT
Value: GS1.1.1682824619.1.0.1682824619.0.0.0
.hindustantimes.com/ Name: _ga
Value: GA1.2.1069195539.1682824617
.teads.tv/ Name: tt_viewer
Value: 638e3154-6497-4a41-9ce9-990d8d9bae75
.hindustantimes.com/ Name: bm_sv
Value: 7DCF1640B487F40FC221088B97D45F40~YAAQrXR+aK8XLaaHAQAAI+gp0BPSGSxIQEm8aciVWdc1vSBZjH64wZagXJW9W719YVrK89h+fEQx5LTbVnGTliwCcqY+dRkYTkcXKl1NsQAqdpNxDiyBg/mTp2XjY67jDpTFHO1HFUdG4AK0f5AVT2kwHcI1blsswZHscSOIi7qzAwTz1E9mpsyNEsQsBI+ot4fUwnLf4EqMP/cd+3I8w90n1KHC36ij68UDCMJzkXexf7gssc4YRa4Q4LU6dZhriFAoXZ8RVlI=~1
.doubleclick.net/ Name: IDE
Value: AHWqTUk8rJcriHlH9CxAo-AWxj1NTwqnzXbFDftbX_FErH3pLbFQgYcv75gxQ1E5
.casalemedia.com/ Name: CMID
Value: ZE3drD4L2EtJ03xMOguA5AAA
.casalemedia.com/ Name: CMPS
Value: 3851
.casalemedia.com/ Name: CMPRO
Value: 3851
.ml314.com/ Name: pi
Value: 3635329634749382671
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaRTNkckQ0TDJFdEowM3hNT2d1QTVBQUFcdTAwMjYzODUxIiwiZXhwaXJlcyI6IjIwMjMtMDUtMTRUMDM6MTc6MDAuMzAyMTAzMzI1WiJ9fSwiYmRheSI6IjIwMjMtMDQtMzBUMDM6MTc6MDAuMzAyMDY0MTVaIn0=
www.hindustantimes.com/ Name: we_luid
Value: d00e9dd73fcb21586401898fc68c1dccb65bf0dc
.amazon-adsystem.com/ Name: ad-id
Value: A8oXbTAwM0a1jIoi2eNL1Lc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rlcdn.com/ Name: rlas3
Value: S0hWZIxwBxlRk2ItXbZuj7/sTuDFUb2qXmLIrKDLzIQ=
.rlcdn.com/ Name: pxrc
Value: CAA=
.adnxs.com/ Name: uuid2
Value: 5228208061499362106
.adsrvr.org/ Name: TDID
Value: e543a39a-0e1d-4ae3-a551-4e898f0fa1e6
.agkn.com/ Name: ab
Value: 0001%3AS6oFOUa%2FVqwOIeJBbwPk87MCiA%2Fy46va
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 565478=5430437
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 123648273493992716
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638184214203141362&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.bluekai.com/ Name: bku
Value: Whz99vp5EVHNQ9Lp
.bluekai.com/ Name: bkpa
Value: KJy9BQeJd02pSUHknpD81ezdqsk+SUx21Yjoje6TBEBZBM9TjZD61Z/lBs/81expBtPiRM96RpBA1s/8m919+tywKx==
.openx.net/ Name: i
Value: a5260bae-cb55-05e8-0a09-fec5a92aad27|1682824620
.sharethis.com/ Name: __stid
Value: ZHAAAmRN3awAAAAINWYHAw==
.sharethis.com/ Name: __stidv
Value: 2
.openx.net/ Name: pd
Value: v2|1682824620|vMgavPkWgy
.contextweb.com/ Name: V
Value: ngQga9H8aoaq
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cbd9fd502edf9a56
.omnitagjs.com/ Name: ayl_visitor
Value: e1e6a3c038967f34ccf1f8b429c14399
.zemanta.com/ Name: zuid
Value: ESUImoe5nChfpHFV_GHT
.gumgum.com/ Name: vst
Value: u_349be9a1-420f-4de7-bff4-0fe61e91a85b
.yieldmo.com/ Name: yieldmo_id
Value: g7e5de49f3d7225ba876%7C1682824620481%7C0%7C
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1169468%7Cc%3D1169468%7Ct%3D1169468%7Ctapad%3D1169468%7Cdv360%3D1169468
.3lift.com/ Name: tluid
Value: 2282483648371981074416
.bidswitch.net/ Name: tuuid
Value: 4dc13655-7864-4f56-8e77-3f84a75178d6
.bidswitch.net/ Name: c
Value: 1682824620
.bidswitch.net/ Name: tuuid_lu
Value: 1682824620
.smaato.net/ Name: SCM
Value: a25f37be
.smaato.net/ Name: SCMaps
Value: a25f37be
.media.net/ Name: visitor-id
Value: 3258262201455395000V10
.simpli.fi/ Name: suid
Value: 750B201F00374D3C9EC50C19E920AA21
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidr.io/ Name: bito
Value: AAAz7E7Im7sAACF9d1f_9Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.adkernel.com/ Name: SSPZ
Value: 153116
.adkernel.com/ Name: DSP2F_30
Value: 520869
.adkernel.com/ Name: ADKUID
Value: A8322413069602550473
.dotomi.com/ Name: DotomiTest
Value: 3b25f4e109ac1060
.tribalfusion.com/ Name: ANON_ID
Value: aDnrXhrwZaybQXwrSQEbWivu7fhZc1woZaXPbkWEIXt07ENNXojD3njB58gMxksyB2S38eGab5t
.hindustantimes.com/ Name: __gads
Value: ID=65ea00affc37b4e9:T=1682824620:S=ALNI_MahTDOcgOowcfwPSYJ7JH_CrR0yRg
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE3drAAGheToBABa
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1EC31412-D5A5-431C-B807-57F99054DBF9
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1684022400%3A201_263_262%7C1683417600%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1684022400%3A22_46_220_21_13%7C1683417600%3A2
.lijit.com/ Name: ljt_reader
Value: GkKlUPZHQGMoja2dRFio4GZZ
.hindustantimes.com/ Name: __gpi
Value: UID=00000be69fbe0151:T=1682824620:RT=1682824620:S=ALNI_MZPul_HQVptVOIRflOKfKjIiHr0fg
.criteo.com/ Name: uid
Value: 3b92640b-6700-4192-92ac-f56bd806be70
.company-target.com/ Name: tuuid
Value: a45763cc-4f79-4147-9298-8ac5eafda2e1
.company-target.com/ Name: tuuid_lu
Value: 1682824620|ix:0
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNLMwMTA2MTIy0FEyQuVaoEubg%2FlAnqUJiG%2BIor4WAIKYD%2FE%3D
.adgrx.com/ Name: ADGRX_UID
Value: 78ccb038-e705-11ed-82fe-30dce8bdf4b3
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6e2f6c46-28b0-583d-4aef-12173050d3ad.lN%2FmJ6m7E8OxVFpdFXFSPdRE60zlviULh3kgKyNDU60
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Abi9sRiiwWD1K7xIXMFDTrZU4mbk.JmK7gCoIztUKTPxZ2ycX8GUXe5O1g9cCvOxb7i16ns8
.yahoo.com/ Name: A3
Value: d=AQABBKzdTWQCEIPv7LQ8cwMKYErWpYqhnQUFEgEBAQEvT2RXZAAAAAAA_eMAAA&S=AQAAAmmCtKRtPafDbmQN58nNX2E
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI0MrQ0-zM5DsQBRgBIAEoAjILCKLn6YKDzeQ7EAU4AVoHeWllbGRtb2AC
.openx.net/ Name: univ_id
Value: 537072971|e543a39a-0e1d-4ae3-a551-4e898f0fa1e6|1682824620720681
.outbrain.com/ Name: obuid
Value: 1d1dfc10-e2fd-4fad-b5f0-54a073969bf1
.deepintent.com/ Name: CDIUSER
Value: di_1f86d740813643448301a
.technoratimedia.com/ Name: tads_uidp_88
Value: 626928932246947377724
.technoratimedia.com/ Name: tads_uidp_44
Value: LGOI3Y4H-2-E2ED
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: EF0F4970-4A41-469D-9D34-BA15B1A53E0E
.technoratimedia.com/ Name: tads_uidp_46
Value: 521413429746270274
.technoratimedia.com/ Name: tads_uidp_79
Value: d28d6ade-079a-434d-a248-4389abba0237
.technoratimedia.com/ Name: tads_uidp_37
Value: dcb54c1a-2b18-37c8-931d-6d01f0e2b2fc
.technoratimedia.com/ Name: tads_uidp_48
Value: ac8ac1f8-cc0c-4914-b9e5-9f4d60e0f1f7
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMgWAQKlmuFQN253y6AAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: f69af121-9cbb-4bc3-bb1f-97cccb9d1a52
.technoratimedia.com/ Name: tads_uidp_80
Value: y-UXS3WaxE2uE.Lhpf61H_vJaIErI5FCbQ~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZEpWYDEbkBsfCXuUgFkE2gAA&5255
.technoratimedia.com/ Name: tads_uidp_50
Value: 3bad6227-9571-02db-0c82-85a07e2d9d51
.technoratimedia.com/ Name: tads_uidp_61
Value: 212146417176477
.technoratimedia.com/ Name: tads_uidp_73
Value: AADCrk7Im7sAACUAGpp5iw
.technoratimedia.com/ Name: tads_uidp_62
Value: 3258220101455759000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: tVykJqdJA7o1UpcW-2rKLwjgdd1y3pew
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-8925c9cf-862d-47c3-9323-2fb8a199c063-005
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.tapad.com/ Name: TapAd_TS
Value: 1682824620720
.tapad.com/ Name: TapAd_DID
Value: dbc01663-c844-4c7b-8d51-915c42e47094
.admanmedia.com/ Name: admtr
Value: 6a267f58-9a27-4b1f-b242-d1be8c09a1de
.admanmedia.com/ Name: ac_r
Value: CS71
.mathtag.com/ Name: uuid
Value: b8aa644d-ddac-4200-9e46-df8bdf303fe7
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kba|2N.0.AAAIulOa4EBlIgMMOEt6AAAAAAA|3oy.0|4is.0.CAESEGDg6PatSMHXpthFWnoD0Xo|7bq.0.1|7TY.0

3 Console Messages

Source Level URL
Text
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5933284304937267351/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8261785d.webengage.co
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
affliate-api.hindustantimes.com
afiles.webengage.com
amazon-tam-match.dotomi.com
ampcid.google.ca
ampcid.google.com
analytics.htmedia.in
ap.lijit.com
api.hindustantimes.com
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c.webengage.com
cdn.ampproject.org
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
ce3b4ec332b41fffa8e8298013d321c5.safeframe.googlesyndication.com
cm.adgrx.com
cm.g.doubleclick.net
cpm.adsolut.in
creativecdn.com
cs.admanmedia.com
cs.media.net
d.adroll.com
dap.hindustantimes.com
data.adsrvr.org
dis.criteo.com
dm-eu.hybrid.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
images.hindustantimes.com
js-agent.newrelic.com
js-sec.indexww.com
m.media-amazon.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
ml314.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
personalize.hindustantimes.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prg-apac.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pulsepoint-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssl.widgets.webengage.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.adkernel.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
sync.tidaltv.com
t.pswec.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
tg1.aniview.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
um.simpli.fi
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
wsdk-files.webengage.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.hindustantimes.com
x.bidswitch.net
feed.avplayer.com
fonts.gstatic.com
ib.adnxs.com
tg.socdm.com
104.107.5.93
104.18.10.47
104.18.11.47
104.36.115.111
107.6.94.156
108.138.124.226
108.138.128.46
141.226.224.48
142.250.65.194
142.251.41.2
151.101.130.137
151.101.2.49
162.247.241.14
162.248.18.37
169.197.150.8
174.137.133.32
18.160.197.128
18.160.225.104
18.172.134.52
18.189.241.228
18.206.75.171
18.209.150.91
18.235.135.185
185.184.8.90
192.40.39.223
195.244.31.10
198.148.27.140
199.187.193.179
199.187.193.182
199.187.193.202
199.38.167.131
207.198.113.204
216.200.232.249
23.105.12.144
23.192.31.127
23.34.248.177
23.54.68.184
23.54.68.197
23.57.131.233
2600:1400:9000::687e:7490
2600:1400:9000::687e:74b1
2600:1400:b000::684d:9908
2600:1400:b000::684d:9929
2600:1400:d:5a7::1833
2600:141b:13:791::1833
2600:1f18:1c96:4103:85f9:b152:a5d7:cc08
2600:1f18:4e9:5a05:9d1e:a7ee:a4dc:6f3c
2600:1f18:61c0:2205:e9ef:fe6f:6ce4:eb8b
2600:9000:2340:4800:8:cf94:88c0:93a1
2600:9000:234f:9600:1b:5138:8a40:93a1
2600:9000:24d3:5400:18:1fcd:351:7bc1
2600:9000:2506:de00:1d:d7f6:39d2:2dc1
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700::6812:19ad
2606:4700::6812:1d93
2606:ae80:1451:12::1720
2607:f8b0:4004:c17::9c
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::200e
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2004
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2003
2620:112:f002:bbbb::21
2620:1ec:21::14
2a04:4e42:400::485
3.214.203.148
3.214.33.241
3.220.81.91
3.33.220.150
3.7.218.223
34.111.113.62
34.111.234.236
34.171.234.26
34.230.184.9
34.96.71.22
34.98.64.218
35.168.153.83
35.190.60.146
35.211.165.199
35.211.178.172
35.71.139.29
37.230.131.22
50.16.16.77
51.222.39.185
52.0.82.32
52.203.157.217
52.3.180.182
52.46.128.147
52.5.252.145
52.70.149.227
52.95.115.196
54.159.252.56
54.165.146.88
54.165.234.231
54.224.41.210
54.226.241.213
63.251.86.51
64.202.112.127
68.67.160.24
68.67.179.166
69.16.175.42
69.173.151.100
69.175.41.44
70.42.32.159
74.119.119.150
8.28.7.105
8.28.7.81
80.77.87.162
96.17.64.208
96.17.65.160
041e987f5c4f8db84e964673ced0b32ad0459d28a4b42e8d463b72e0b90db4e0
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
08ee200fda2e4c128ee24308c4160a9341ed18d11c50c46d2d59504acf5830c0
09649d1b3c5f9960482de947dfe7f0af2e7b95ec715bbac90f8a32fac453f98d
0a4e9315b659343f930462afe4557db4e90e405e8d8f2e968fecba663ec5fc7e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ca5bc04162ed13edc29d641176de3ea070266f5632f454d8805910e560a3430
108b2370e908cf20ba094dbd83fcde2e366548d19165170fd6f1798f1340dd5e
10a1d2dde2beceb5c006df219c11c37b9429a5c11715659765adc56daf661caa
10be60e346fdff543ca35e2091c080ce876d34eb8ae5738792e960a8abd64399
1630406a4b2517140fec480b8bb754fcf742ba4e7eb5776424425ad557f92da7
16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98
17a0d2449db9e6d41640f4af07e0525a3ea23f6f0813a7587d143806f1899213
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1887d8772d757ca9d6deabb42be9ee34e4098a185cd5bb95142455bb0dddb40d
1a9e8e47d1239441bc459e40af1b18fffcbeb290dba8f65ac2dbe7ac707ef791
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1f1e1beb5ca52a2ca3b1393819ef532934d306a8038d99d2635f92d3f2d2da35
20d3af8430cc216cdefa23788c8321b8e0795bbd0703588793443f507d280707
228b15bba7159029680589ed6d2aeca3f8881d96257f1db82131bb54d63e3373
2355ea54c7baea603b3c1849a0f164f6cb53ec8e01b9c04ad231e519fafd6530
248b9727249cdd990dab977d314e98bea62b37a56556fc421d338b0b7abb43d3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28d89279604baba7b0f2ab73771169d7ccbd52b7005aaba9288fced77c7bbf7f
29af0e9a018beaebdf4d617c41512d22da6db0d2bd8d46c76dde3364464bfe0b
2cd5a5730df4c8953d1a95d126f5422fdddfd086faf17a6de2a0edcc858c2569
30511e836ccb99953ebc45fd4f40352fde77aff9d923a08dd09df62934e204e2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31abf3ae8d53b7cc03c6e16e3d8fe6f82e7b43eef82483e35763eee4710e7b77
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3756c78fb8134d5e34d76107dfdaba284d58d1a7e004b0469129ce15fbc99aea
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
394a22b72ba9be02e69ea3444530fc850f941a2e8cd065c5658c5cf00bdbe732
3b1cd13276ce3ee8e0eb26dc73ba78dbf7d6cf835702a1d4c7e9932b1bc74cfa
3b41fc15a014f0fe32a7b5335422d3a6c4f4d993648b0fcf8201b04aeeee14e9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
419374628629e0ae0677b0316d4d7d0999f00720ad5aea50aa347734f1cb6c23
425530578b3ed1d1b9103c611d1f25b2e4e1a4bd89cf4485af13782cd26a368e
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c81acc50e12e9efa75c9ac1a035f07acb632d4714778a0a133e599fa565e32
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
494b1cf9a1f2b1b4cbd127077a383aea34ccbcedf7ed6d02da42d2332f726d45
4adee86ae3a42fe66a3069228c6b43a9acefe561a32b2fb779fce17e0396e72a
4b9599a95b0a9a24ed1730654184cde7274cf5312980d66dc149359436a5c134
4bd93f824f6de302f6661ad4b7fe1d06eace3d4c7fe56310ccafc4737e5af45d
4c58c97cf8820bbf0e44e4ec95a2dacd7a2c2664455fbaecf92a3628deb6f378
4c5b6207bc74415210d5b2669c3692642664a69bd8656cce38b8dd14b8909861
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52aed4109d144187ebc958b55f0e1f4ab04db3aca8f3f580a601f229d1a076aa
5329dfc56daab20865fcf4845efe48fbc740bf32672203e878cd029d1f36a9d0
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586537ce383860a285130ba803f41c97cb99c4d074edfa405d1695d36a144a70
59c5bbcfe7a411323e995380c613db2dff27ab1b25b77cf14b3664e29641fe82
5b2678eaf0d1cf672de2438d57e0c88078651941531230385d3e9688404f96ba
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5efd225c130d072976c1ffa23f08703131dd2a6a7dea9cf3b05a11e09dbfc164
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636ada264d6032540bbcc1efd6860bf9843387f2180554799e517e4d1fc41aa4
65b9197c736cc253fafd1d2b79a386d71b5facb27300a5b6f47a625916b8c5f2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eb95fc228dda066a888f80feca6531805abe7f9c62fda0e93ec3ed9e2f875cb
6f439f9d2a85dcdc13d4fa0392e5644b74c689c570a953aca12198f6cfa82f4e
6f4819d7f07916e445b9f7020cffcc64e8741dd91d9c7bca81d5e3480c21cf93
728c291533a94b0c1c7491d56c97369654391f73e9c5043517fac33586931bb2
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7550e90e23baa796361ce6025cc326c61e34b2d764e593baae595196fced3ec0
7940c418dfe1508f8dc7869fe30b82f865040e5ac8dd14bbeb95eb4d0c7fc668
794c865bc31cf6af26394f08941757145287ee2d6ddb367273f997b9577ed392
7a1bfdc092ed5f961feede8ca999d499082dc30c7645393492666e5a2e92b3a6
7c728db47439688fcf6f8d7ac985215aa0013ed3115f9f53d32dbc684c534a5b
7d6adcfb38e24014d6ea4953f870f2397de4d4f7b917ac526302049d857c60f8
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7fa915133ee0a462fa8ccfe1264e5c192df09b45c63eb70590151829413c02bc
7fb5ac3c18eeeff1d289a353fc9c12d37fb75d1b0df495c11de1515dc8403e0e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8351ec9aaba13e39ccfc29b7632e3ff322f2ebdc7de5e3a96ab3c6e6c4c8c345
84a474bc1a6511d0932a2fb4a3aceb65668960056936ee2042dc93c912359511
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d43b83dff12be89815c9e9d6ee53f9cf3d32d56464a7e13d603dea0a7197841
8fe7ed16f09514c31cd8090ae2f0dd3f669e4ace78259bd9e20c1b710a3dffab
9245e02150be964f8594f30608ecd1783700ca2147b6e569347e792e7d608031
97ebb315b89a9df6345ad2ebdf245bf68c5f48a9f16eee76661b2b9b37764ea4
9881d7f2e7cac1b7ba54b7ca29ac377371d12ad803c57fe4933c205e228cfdd7
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
98f96655fed38a388418298d64b1ac2b9661ad5b184b8ccd5d914611247bd739
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675
9de821d5674a2229c3229c9251db47fb446d0d5f52132ead98c821eeec76279a
9def66e6f815c8a84214b730ceb3e0c8b212370247a78c8fecb7e564c545fb4d
9f00f67e2e1e3698fe03f5ff8d9e947190a58faa034981ebee9e36d9536b0041
9f6477c9923cb4067fd5e7f8a6c930613530d594809f9146e3a17ec73411830b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3afa0016e3a853cf2c6859dc00dd0261c5d325699ecf085f38f57afb963fc19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a5d14815529b18a35e8b4569ae04fdc2ce99ad0237ff85a2591a5c847b910576
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed
a7791b973d74b970ec64f29e654429f42b48316abc8eb394b0400da8b44c86b5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b142a0f06fadb25b610bd3dcca9aba7e0c44eda8e68aec4d6eead63ee4f0c92c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b421dbd1b36da7cdde10c7cb073e0844d54184e4e7b9e88d49e23c155117ca57
b4d464da7a21c15c13b120cc82672a376b9ddd9767ab5f2386df7c468993f83c
b82a0c7d294927d2e659450d8bb597472b95bc0ffbee01eca8e71e90d9015b69
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
b98d558a57cb02d6856c29437f5b6d0871ad667ea0616688e23e5422feba3012
b9ab9c624c1d265a60f1214a9f2d3cb1c0da33dce3c4b6c4c8993aeb3eed9a6b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc48762f055c7353dfa3c862b6bbd706db812ee30015241cf2be15bae7117dc5
bc68313d3c2a33d167af7c8de4192538731ce689e1e9bb2ec53d9253793dcec5
bc71e5ba4f8deb2107667a1851c7c4a4b72acf456be9738a708c7eec205ff410
bf01c288b2ee9cafef35b0f6ffb79ca8fcb2a1b99607bd940c2c994da2241a40
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c20912dd5d907d06a56c46b9e5ae914f20f446d6729091eff24c26e957898c9c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34275f15bb786e85d6a9b017ec67f8e78b8cd0330e1005dc5f9cc6da65c90d3
c6ec2b9180008ff0d7b53badff33b9dd4e85c63a463d245dde7cdaf2e2126e0d
c7ab253f9ec980a1cd69b206bd7063f3cf9b7082876e69aedc3b5154901272f1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac323bf2793f6de192a3938b7be19ade41fc7e6fdb4d03ab04719e0a58e4285
cbdc9209467644b036aee461ce823bb651862f7c5d158048946ef4fd34e06bbe
cd3fc63b04cc43fbed4f2cc71919b520cffbb13931a62a4facf2140d0548f053
cef686fe53d876af13c04d24b0302c1499e0d7ecf082da6d782e4c43f2e75fdf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf744521e3a64c8a3ef55306f54f36d69b05442e8caadc6767c15dfc74e2edaa
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0b53bf1d1f58806dd045fae390688c057084f7d1100e9af9ec92a7a39b0c860
d1ced72911892365fa799b44af92240a646d2a3b3ae47a8327a4ecda27bdd3bf
d2484273b0d620f8b8303473e04ef1692f14ac4ded163aa37384ae7cd8099a60
d25541afc3cfd894b7197ece9a94b5a1b85f46bec0c97de3161d1249d8506a6b
d37aa4e651b9620afe4c46600b304469eebaef6b930866d335c1be4f958e1272
d5759b6ef79a6f02f4ab33658567e9699834f54c9dd3950d06f38aeb106d201a
d9b2126118f749e45fe78fb2e50a1448a4dc73017525fa632de48b1bf5b0486c
dab9f5c68c52109c9128437b2c46c019e67bec2dfae150012457a91235910e33
dc81cae8ae74c5a7a8cdd4bfcfb3b03edd66c8289dd4f02627e47896c464a5b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df76a18c81c9c3af8d3130e72d5df8ad2a3fcda74526c57bda644469ffd33f7e
e0539ee4a4df74a354644ee0555eb0c7c457d3a6349199638bbae86620506839
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e1e0ed4f8a9e91d5e00fc839edbc3944d821e376be486fc60c77a46431d74cb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d32eba223bb38d84ac33c2d62ea01557cbf4438ef866c7578c5133035eec81
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e855754d14ce96ee481590a8b6a929795a921418f96277786dc9d00f3efcd7e8
e9cb6b6a57ffd770bf3e2f5a132b366b16e751830287a41ae18cd6d8385355a0
ea3efd2376af8917207dccc8968ac2588edff25499facc753f75c18b4721f11d
ebbfc0d3fe042cfc56591c426168747ac113c735d647bd467df45feeb2807286
ec712264cada21aa8ed5ff117d1f92bc668be0bb56fe307e3793c80c82dee5b2
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ed3022cca8c3b43236c46922828f16e2cf7723e3020f93269f5cf0d5fdd36db1
eea5f35fb8fc5fad9dae7efeec2fc44470dfdf38cd6e84e04b9befd8cf7fff17
eefa5ddfaeda2700a8a0a92b2aa3a88f32dd3197c052c0f913b32a773e9a669a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
f690a08d144f2ab8553a069812fc2a5aca8d6e75e591e2756183ac8ad38ee6e0
f7213d0860a642dd77a8ca3992d58e3a80bd5b09290d3a9e295c86039b49e8f0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fade60bd3c249e26539f71251d9f5552cc874fe839d52a1b3ec1b4f3d5e6635f
fcce259f8477c530ebf6534d4a4eef76a61119dbd84077dacf7ae0d36b54a20c
fd3132352a228ef8c8b7b1adda7fa34fe1986695b8d40037075d61e9d0ac11ad
fd34606e000073feb2becb9c588e190331d69bfd45fe7f056160f29d187bc6d6
fee787f14c4a7c3099d44e5b8bbd54fbc6421899fcebda9a0b3c2a86c1b81f2d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffa36fd543238ce279b8503fd29cc148b08704bb0426b21377d12bdf9096d7dd