my.hotnewsmm.xyz Open in urlscan Pro
2606:4700:e0::ac40:6320 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://my.hotnewsmm.xyz/
Submission: On March 09 via manual (March 9th 2023, 2:08:16 am UTC) from TH — Scanned from DE

Summary HTTP 159 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 23 domains to perform 159 HTTP transactions. The main IP is 2606:4700:e0::ac40:6320, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.hotnewsmm.xyz. The Cisco Umbrella rank of the primary domain is 424229.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time my.hotnewsmm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:e0:... 2606:4700:e0::ac40:6320	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	45.79.126.27 45.79.126.27	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2400:52e0:1e0... 2400:52e0:1e00::864:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4001:c1e::5e	15169 (GOOGLE) (GOOGLE)
159	31

28 2606:4700:e0::ac40:6320 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hotnewsmm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1e00::1077:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.126.27 (Mumbai, India)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 45-79-126-27.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

stream.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c1e::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	381 KB
28	hotnewsmm.xyz my.hotnewsmm.xyz — Cisco Umbrella Rank: 424229	624 KB
19	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 43161 stream.unibotscdn.com — Cisco Umbrella Rank: 63793	4 MB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321 pubads.g.doubleclick.net — Cisco Umbrella Rank: 434	101 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8682	1 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	57 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 990 c.clarity.ms — Cisco Umbrella Rank: 1526 p.clarity.ms — Cisco Umbrella Rank: 14916	21 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2361 www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	331 KB
4	gstatic.com www.gstatic.com csi.gstatic.com	29 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 448	343 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	146 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 277	51 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 912	196 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 755	89 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4618	145 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 239	741 B
1	unibots.in api.unibots.in — Cisco Umbrella Rank: 33199	288 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 387	288 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	605 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1793	1 KB
159	23

	Domain	Requested by
28	my.hotnewsmm.xyz	my.hotnewsmm.xyz
15	tpc.googlesyndication.com	googleads.g.doubleclick.net my.hotnewsmm.xyz tpc.googlesyndication.com pagead2.googlesyndication.com
15	pagead2.googlesyndication.com	my.hotnewsmm.xyz pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
13	stream.unibotscdn.com	vjs.zencdn.net
8	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
8	adservice.google.de	pagead2.googlesyndication.com imasdk.googleapis.com
7	cdn.jsdelivr.net	cdn.unibotscdn.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com my.hotnewsmm.xyz
6	cdn.unibotscdn.com	my.hotnewsmm.xyz cdn.unibotscdn.com
5	www.googletagmanager.com	my.hotnewsmm.xyz www.googletagmanager.com cdn.unibotscdn.com
3	www.googletagservices.com	googleads.g.doubleclick.net my.hotnewsmm.xyz
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	csi.gstatic.com	imasdk.googleapis.com
2	p.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	my.hotnewsmm.xyz www.clarity.ms
2	imasdk.googleapis.com	cdn.unibotscdn.com imasdk.googleapis.com
2	s0.2mdn.net	googleads.g.doubleclick.net imasdk.googleapis.com
2	googleads4.g.doubleclick.net	my.hotnewsmm.xyz
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sb.scorecardresearch.com	cdn.taboola.com my.hotnewsmm.xyz
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.taboola.com	my.hotnewsmm.xyz cdn.taboola.com
1	unpkg.com	cdn.unibotscdn.com
1	vjs.zencdn.net	cdn.unibotscdn.com
1	c.bing.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	api.unibots.in	cdn.unibotscdn.com
1	gum.criteo.com	cdn.taboola.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	my.hotnewsmm.xyz
159	33

This site contains links to these domains. Also see Links.

Domain
unibots.in

Subject Issuer	Validity	Valid
*.hotnewsmm.xyz GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cdn.unibotscdn.com R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
api.unibots.in R3	`2023-01-02` - `2023-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
stream.unibotscdn.com R3	`2023-02-11` - `2023-05-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://my.hotnewsmm.xyz/
Frame ID: 29736810025698155E51072060073ACF
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: 0E37A433641221F0EDC9DAEF8ED18180
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&adk=1812271804&adf=3025194257&lmt=1678327687&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678327687519&bpp=5&bdt=272&idt=278&shv=r20230306&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7431034398423&frm=20&pv=2&ga_vid=139941530.1678327688&ga_sid=1678327688&ga_hid=695995649&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C31071756%2C31072927&oid=2&pvsid=4311793807319207&tmod=250800483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=328
Frame ID: 81992B01E9998C424DAB74A696B07586
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1D37A614EAE50997CCE71BBD8BF6B666
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E4CAAD5821B65CF8CE58B3D2D6FA183
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 010F77EC83363E0872A7B32CE15C89CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGMWz3-EBMAE&v=APEucNUC8pcJReehRHq827Z2ucDzxziv6O-SnCQ66hDVzKZsOTh1M-3FVAppLcN9j_RR3GIMZ-GmT9y3f0LXqeAXY37sdqGtpg
Frame ID: 62206E6A93C152307E568F2CEEE02605
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js
Frame ID: B677DE0FED22294EEE0B1275DE5EDC8C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0D71B8E4364569DB77D9DA9EB72B55F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 29F7619329003AED81C26C7524CCB9B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Frame ID: 9D6F9E07EAD12C509FA5895824C0CCB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53B0F40E0D658A72D83ED42C135EBB78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48357847B31A6B57F7EE86D69AE02D6C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Frame ID: 513BC1D427A98F1BCF2661815F8350FB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blog HotNews

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

159
Requests

96 %
HTTPS

81 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

6406 kB
Transfer

11455 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://unibots.in/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&RedC=c.clarity.ms&MXFR=05EDC164B67D656F1C49D3ABB27D6BA1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&MUID=1CEF1B97CDCB6F4D02550958CCA06E7A

159 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
my.hotnewsmm.xyz/ 134 KB
41 KB 688ms
646ms Document
text/html 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

361aa46bb92764d5f59b738b152c4f475ec1c76484f7d9aecaa78b3c0b813401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a4fc4a93ad89b8e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 02:08:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XfcXcITqIlQ67m6J9T2hvZAKnQQbG51V%2FnJzKhug8zbINw9OkuMu7mOUlddulBmo%2B9L1CLzY9Jxdunhlq7MFG5DYL7Me9BapiiERyarPyCCrIb6wZQf6dO8i%2FQZwwJO1kzvxuCSRvXMKahNKCQq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: DLEMP
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
my.hotnewsmm.xyz/wp-includes/css/dist/block-library/ 93 KB
13 KB 40ms
37ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNnDsYAJtNRB9E04WuPH8lNTQs0%2FMf%2Bf6drXLjQLmnjjPTJvmnyqYsZBomwITcPvm15eO1IeiBFc1yAwgdnhokpzmzyMyDQvI%2Bz6rJ8pPLM3SJbw8r4yWB0F24nKr72Wol8rYUogENW8mqDZQg4n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc39b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 classic-themes.min.css
my.hotnewsmm.xyz/wp-includes/css/ 217 B
563 B 16ms
12ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6bxwTq1aBd0ADjiF899B8WAgeW5Lq5%2F7nvPbKddEFboqp9NxLVQXd4PDCfXTuh7Sv5kpQiMuUSZ420u73OWifbMZkADQJNmpopzisjYy%2FPuRQ4ROXDDznXl%2Bu%2Fl%2BVIgFTqyMoAO6HyouZD3aGnz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc49b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 font-awesome.css
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/ 35 KB
7 KB 20ms
16ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-8d64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfNhFps%2BXuuOvupKGJoJrrZsfliS4QrLQdb6R5wWODqtTT5Aebqjb2yeiDNRh00yd7baJOqALRqRonGe2nLRz%2BdyW3ZghEKI%2B3vcWd%2BMoosFNi6TVCgbmdotNzj2FWnG1EIG8PvXBgaRZ3L89MIR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc59b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 genericons.css
my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/ 154 B
407 B 28ms
24ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=623sIurBzLlEUUnm%2FpYD38pcfakga2kdjXnjKjWmsf%2Bb55iq6JfsYZoLfaV6HzByBiG65oh%2BzI09kA17DpQi5Wv9ZBjGgUYTPdVBK2UyB7mzkpcWbKKmtDrt39Koa2a63d5J4wxzrdGnlznwtrAT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc69b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 style.css
my.hotnewsmm.xyz/wp-content/themes/blogmn/ 72 KB
15 KB 24ms
21ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/style.css?ver=20220617
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d5d449964b98c3b2bb88a3531d59db3f9644c7ab1a1175349f50e6c8fbd9397d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 Jan 2023 23:57:26 GMT
server: cloudflare
etag: W/"63b36f66-11f2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKeF9j3ftmE9v4%2B%2FBza%2FUEY480h5SfqIVBoJKRLU%2F9AonXnzFjA5cxeWVCy%2BAZBdvtsosmElIWKii3bq0NPTqKHiIdi63%2BZtIPgF9Yx1F4D6Q2kByq4Wn9FqdbJb3GH3rf0FTal721bz%2FHpNy2Xb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc79b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 responsive.css
my.hotnewsmm.xyz/wp-content/themes/blogmn/ 9 KB
2 KB 41ms
38ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/responsive.css?ver=20220617
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: b81e011e0e5932a62615b2b8140ffbba3c90c0200b4b89f4a7a5792aad991c20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-24c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qg%2FcJwo0oOOhp%2FbCdlXEEpMqixY%2BW4k8xMSLUqWI%2BM1Vmt8EHXyuhtKv1Piaa%2BWUdBVt6VqsaQxrU4%2BWLQUW1%2BC124WfvMu%2B57o%2BAzhmMg5JJjnBVzLAY3vi9bNgL1kR0gi8ltqgR7ankBSz9a%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc89b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 jquery.min.js Show response
my.hotnewsmm.xyz/wp-includes/js/jquery/ 88 KB
32 KB 29ms
27ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 09:35:00 GMT
server: cloudflare
etag: W/"638f0cc4-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSrYEeO2ynhKkS9SU%2FRqgzGoMc1LvBNHLLP9zdCru1YzX0CjacO7V%2FkYl9xLQLKlrBV%2Bm%2BEhssi7rWcjKK4nNnTyhHQwvpLX92uAwmTJ4Qz4FqV%2F954YE1LlyKpZ9pYqP4MqxUaCDFVfQ1EI%2BXX9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cc99b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
my.hotnewsmm.xyz/wp-includes/js/jquery/ 11 KB
5 KB 21ms
19ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436787
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Nov 2020 16:06:06 GMT
server: cloudflare
etag: W/"5fb5466e-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWok2UaKy2vy3Is9bZVJ3UPCUeh8q%2FR1yHlmt8zKZZDE6jBe7v7dkFylZd1zSwJCwzQ69jEnvfpfnOOh%2BPCMcKNl0zmaYuKMdo5TkZZceQkT7I1U%2BZ%2FK2spsS3%2BkJXhC9mncCXLT2%2BzvcDI56uzr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ad5cca9b8e-FRA
expires: Mon, 03 Apr 2023 00:48:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 56ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91d7c7fc67c09617f57d5a3ff13eb5c6f053f2785d0e5d992b16207972f09b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Origin: https://my.hotnewsmm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48610
x-xss-protection: 0
server: cafe
etag: 4598472056128901394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 132ms
52ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203682812-13

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71399e7907b721d948b74017e579e57cb5fc9599cd3523cb3aeb9322f932a727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45799
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 02:08:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 103ms
47ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V8FD1SYQLQ

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c25f91380c8df2456a48651048450958c39ad83e899971207992aef70f83296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 02:08:07 GMT

GET
H3 200 wp-emoji-release.min.js Show response
my.hotnewsmm.xyz/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514354
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Apr 2022 12:56:22 GMT
server: cloudflare
etag: W/"625576f6-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wt9B83GlPxTWwUzVOOB%2BxehCOxu4II5Wmf2k04sWgFFfcqHZ87LyPomdMTdOi4haumN6PMPPqNHonP2Yh19aoEb5%2Fa7RJBr0B4SzOeops7yb3tsDqub%2FqT1dgpikENNY67co6%2B4vfUDBWP1O5FI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae2cfa382f-FRA
expires: Sun, 02 Apr 2023 03:15:33 GMT

GET
H3 200 genericons.css
my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons/ 28 KB
16 KB 17ms
17ms Stylesheet
text/css 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons/genericons.css
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/genericons/genericons.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513780
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-6e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNqn%2FD6bcEQYwB394JlTOeuvrbdMw2Cd2Vcnft0%2FpKI%2BKnbYD3s3r2WOTHGCAVMK9N2LPo5JDynKnnqTh%2BGxDWk9G6Q0xjrHy5phwBY2ObpmRCDCW%2FhEhN%2FMB6XiY4lRomFJ0sLp1Cw5Ecmz%2FTu1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4addcd4382f-FRA
expires: Sun, 02 Apr 2023 03:25:07 GMT

GET
H3 200 1-3-1-305x200.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 17 KB
18 KB 835ms
832ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/1-3-1-305x200.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 19aefd03ea9ef77b7966ddc1c3bf71ae0b42c7f36ffa304a00e1bba001ec744e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17714
last-modified: Thu, 09 Mar 2023 01:54:59 GMT
server: cloudflare
etag: "64093c73-4532"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdvqQ7QPZUCHXXcPAam2KI9os7P4Yrv7BNnj4Rr2EnzOZpr3zqQNMQA5mHLuxf8GLrkRpHXMmUi%2FikehcQ5DsijuM8mFkQVOagVsSEU9vSOBj6Y7UthWj%2BPsysv8ZgVUKyb3gXX0HcYbmnPWRk0w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4ae8d2d382f-FRA
expires: Sat, 08 Apr 2023 02:08:07 GMT

GET
H3 200 Thiet-ke-chua-co-ten-2023-03-09T085346.299-305x200.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 18 KB
19 KB 820ms
817ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/Thiet-ke-chua-co-ten-2023-03-09T085346.299-305x200.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e66899c21bb1e59f25f7cc33670d6d88fa28909725767f1c91d7beeed56573da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18769
last-modified: Thu, 09 Mar 2023 01:54:01 GMT
server: cloudflare
etag: "64093c39-4951"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlWXKZV8xM2S%2Fg47A5r%2FUmmnkvWYN0113qePpcsERFfWOE6JEllKyrKCy5lo7SSDYipaVOskmJ5KuloHFzgghr5D%2B3M%2BtaHyPP3TYUIEBA%2FnTqQfykbWI3gSrBvtyGDTQkMZrHpHDUhEmvpQbsm8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4ae8d2e382f-FRA
expires: Sat, 08 Apr 2023 02:08:07 GMT

GET
H2 200 0edab543b30751b2cfce08c530890ff0
secure.gravatar.com/avatar/ 1 KB
1 KB 53ms
8ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0edab543b30751b2cfce08c530890ff0?s=64&d=mm&r=g
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8731d06bbb18c05499f193a32c336d5233aae87ef497341b19e5a08b8ec54ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 09 Mar 2023 02:08:07 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0edab543b30751b2cfce08c530890ff0.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0edab543b30751b2cfce08c530890ff0?s=64&d=mm&r=g>; rel="canonical"
content-length: 1163
expires: Thu, 09 Mar 2023 02:13:07 GMT

GET
H3 200 superfish.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 7 KB
3 KB 28ms
24ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/superfish.js?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513779
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-1d7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4neTGVNs%2F53JiA3svRjdQENo7Y4tm3drmVNRGNNCvts%2BzFJ4iH4E8HLL%2F14zoIZJSe8yJXBevzMBpCpejuuvbM%2BXaCVcWSn9PcPkE3XPJl5jJhEiJC5ExZgnMc56kw0JTCMQhqRQrj6jC1S8S%2FS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d2f382f-FRA
expires: Sun, 02 Apr 2023 03:25:07 GMT

GET
H3 200 html5.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 10 KB
4 KB 32ms
29ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/html5.js?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514354
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-285a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJYQ5b87P9RK8N9z7Z2G8dRMsKYtpVt93IYaV7zJFsutgSDfjyx%2BJRsEuw8%2Fy4ruso7kZO%2Fz3f%2Fq5NM3%2BGvdwsZiaxTqm7urMZeVL92WGpEN33wYY6xdcyr8LfFG8nSKGFBJtBWOuBDlhNLEPqup"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d31382f-FRA
expires: Sun, 02 Apr 2023 03:15:33 GMT

GET
H3 200 jquery.bxslider.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 66 KB
16 KB 35ms
32ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.bxslider.js?ver=6.1.1
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514354
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-107e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ynb%2F0Q4RKwPP1CNYlJY92YcUdf3Gxv3s10D9bl9FfSO40kusx6f%2BXQ1ThutMJRIZ4msrY8PA4kwSJue9NnjbCWZhfVrNUsh6RTpC4r%2FhhNmRTBMJPRzQrjGKEGqNdnnem7KJv7LQdHVagx7JLcgx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d32382f-FRA
expires: Sun, 02 Apr 2023 03:15:33 GMT

GET
H3 200 jquery.tabslet.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 6 KB
2 KB 30ms
27ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.tabslet.js?ver=20220617
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513759
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-1701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Fgw78mcq0QhBwmnMtDRaIGY%2FXmEqqE%2FvccPH19cXKt%2FRLw%2Fmu4hh6Q3d51mhoDRs8BKEy0uzyo64r7YG8DofQwo0KS0xZmLb%2BbURQ6QBtzJILnmiMHT0m5PKo%2BZm8bL7D8qqcIjPN01vy%2FamRNJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d36382f-FRA
expires: Sun, 02 Apr 2023 03:25:28 GMT

GET
H3 200 index.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 30 KB
8 KB 34ms
31ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/index.js?ver=20220617
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 514354
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-777c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1isCUvNi4fWxEIOXJqAapK1QiwqVp4zJYNMjiNH7jRwWJg15%2F3fL%2BIkTc1d81OfjG45KsAo%2FZoYgwP3xejRZj4MuI025RvdttlcnEkGJr7JuNw4unsDh6KO%2Br5gak1JH%2BftHRHlWfhnNPntfIsKb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d37382f-FRA
expires: Sun, 02 Apr 2023 03:15:33 GMT

GET
H3 200 jquery.custom.js Show response
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/ 3 KB
1 KB 38ms
35ms Script
application/javascript 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/js/jquery.custom.js?ver=20220617
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513759
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: W/"6324154e-b53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lrbSyD%2FYn8kEsYRIx8W1FRlv92U1uZb%2BqUZ41GSXeVibPrblUbHcfrnHB%2BZaSPacX7sKgIu68iJYjbKuts1Kn3dWOCsXTubZ0%2Fn%2FZnTxH%2FSH%2BkZtnt89Ho5S70GMYGrrKY2PfbD29Xk658LoH76"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a4fc4ae8d38382f-FRA
expires: Sun, 02 Apr 2023 03:25:28 GMT

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 167 KB
60 KB 528ms
13ms Script
application/javascript 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: d795ec1e20106eda999fb8ca3f00a6a1ba3302c998855e96e7299a429d7fbdaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-167
cdn-cachedat: 03/07/2023 07:24:49
cdn-pullzone: 873945
last-modified: Tue, 07 Mar 2023 07:22:21 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 336
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6406e62d-29cae"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: d9c25ded7a42f96cd132924cf6fbb19f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/fonts/ 75 KB
76 KB 32ms
20ms Font
font/woff2 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.hotnewsmm.xyz/wp-content/themes/blogmn/assets/css/font-awesome.css?ver=6.1.1
Origin: https://my.hotnewsmm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4984
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Sep 2022 06:18:54 GMT
server: cloudflare
etag: "6324154e-12d68"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GWXYny6Q4wzJKpV9JAAf0wgacuZy62wlIbNYxlfg3Dhfqp0rs5xmPlSPt7CH2sJVWArh4Y55oDiC3m5qyTqnhks%2FiXhSsmlr5RHsNvjdMcxz3zzJj%2Bl4CGJdL72pXdIKHXvgG0I5oLKCpRw3Lll"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a4fc4aebd4d382f-FRA

GET
H3 200 unnamed-65-305x200.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 14 KB
15 KB 842ms
835ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/unnamed-65-305x200.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 8179ab307c010a6d20544843e1a52fb257b1e1bada34d5c027b73972b2244088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14291
last-modified: Thu, 09 Mar 2023 01:53:26 GMT
server: cloudflare
etag: "64093c16-37d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZslr4ZRHYt7bZ8C0v1gACd%2BE4Yc0ORynpkWynT9ageG5HqIm0%2FG4my5kSLvtBypybCw7sb2pKgjQVsSKtH64LZO5L2qcfknfXxgG8%2BEz9H%2FhiTU%2FPGdP%2BZh%2FLo7RSu9psj1GGAox8fuliCLxzpP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4aedd65382f-FRA
expires: Sat, 08 Apr 2023 02:08:08 GMT

GET
H3 200 Thiet-ke-chua-co-ten-1-7-305x200.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 13 KB
13 KB 841ms
833ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/Thiet-ke-chua-co-ten-1-7-305x200.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 63d6a4b35e52a736a67763cf9898fbf2e3807004ef7a2e3c9945db77ae4b6a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12934
last-modified: Thu, 09 Mar 2023 01:53:09 GMT
server: cloudflare
etag: "64093c05-3286"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwqEUsmMk%2Bo9iLFrlSu5u7tXRPJLVj80RDs8XCPJLjbI9RvmaexpqpkG7ijVkEhjcA%2FGOg55z6uKTOADHzecyFSrE%2B%2BRb6lw3FFgu5EHjGEwg2NTsU2yBz6PTEF7Ba4TbuKAHW6k637yQ%2BUUJEYO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4aedd66382f-FRA
expires: Sat, 08 Apr 2023 02:08:07 GMT

GET
H3 200 MTk1OTM2ODA3NzQzOTIzNjgx-305x200.webp
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 16 KB
17 KB 814ms
807ms Image
image/webp 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/MTk1OTM2ODA3NzQzOTIzNjgx-305x200.webp

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

8e67c0a5868bc15d96e6a0a26c055f701365547e209401d18f39f981e0da4e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16418
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 01:52:39 GMT
server: cloudflare
etag: "64093be7-4022"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I4RtqmaIYK77OLgy%2FdJlHeElAN2qcCgvh184zi%2FKqhn%2F8jjng8gBdstdgEHtV%2FY2UlKhWJmi%2BIY85lzbeD3Zzb%2BUEnSlV2mNY8YMeJNuQNC62QO3qvdlztgrlITzHElR0bqkc4lZT5riB7%2FlHY0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a4fc4aedd67382f-FRA

GET
H3 200 4784-1-305x200.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 16 KB
17 KB 844ms
837ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/4784-1-305x200.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 0cf115f1974b3dccbb1d018b70d29b105bd35b1cabf7e1af2de186cc8a262581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16766
last-modified: Thu, 09 Mar 2023 01:50:42 GMT
server: cloudflare
etag: "64093b72-417e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nuyb3rVUEx1grNjIQDD4OKeqkkmgBuFsbaHlmNQoBcDzOIq6%2FEsUhLXHZkoyxUHDnLZOCTYFLAChU0VJi%2FBlXN6aDFZF8H6DSG3083qIbPOKhs2ofq%2Bmcrf6c4V%2BBCdydF3ucpm1CREz7BXSofQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4aedd69382f-FRA
expires: Sat, 08 Apr 2023 02:08:08 GMT

GET
H3 200 MTk2Mzc4MDQyMzUwNzc0MjEx-305x200.webp
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 14 KB
15 KB 809ms
802ms Image
image/webp 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/MTk2Mzc4MDQyMzUwNzc0MjEx-305x200.webp

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

a115865d23b718c732924bc3d6bb99c9fcff2ff2a0bbe003e37be3f4c006768e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14708
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 01:49:58 GMT
server: cloudflare
etag: "64093b46-3974"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewhv7EEZ8H4rexMehEjr5BuFvmw5DXruHpDB16Vf%2BsfpXbNv3zEgJeOVPifjb4i31uLs0HsNaDzgzDkel14e6My8Ckt9bMlqXdB6fTTTjvClDGfNvBkw%2BEQWe2OUEzjtr246Hb9lWa4AYeywjm0C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a4fc4aedd6b382f-FRA

GET
H3 200 MTk2Mzg4NjEwOTIzMDQ2ODUx-305x200.webp
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 11 KB
11 KB 677ms
671ms Image
image/webp 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/MTk2Mzg4NjEwOTIzMDQ2ODUx-305x200.webp

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

40eb9a42a0cb1aa195e203e0b026d1bb1282d050ea07ddee5ed8d74995f4a376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10776
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 01:48:45 GMT
server: cloudflare
etag: "64093afd-2a18"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPbMmKiyeXAfaZNrsFsmSJJu2Ddk%2BRoXIkNFcJMKNXiSibREnWNzL9r7qzl0eH0qy9DdPxkNjumuwwyBDrD4bQzg2GUH3tTibErC%2BHYZRSROE2XuFphCKBP5R0gRM%2BlODdNyqPRpEdSTmUYDIcFC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a4fc4aedd6c382f-FRA

GET
H3 200 T-77.jpg
my.hotnewsmm.xyz/wp-content/uploads/2022/12/ 196 KB
196 KB 968ms
963ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2022/12/T-77.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 61f53bd906e325d2a13adb97710f8223948b46c7c5b48b05d50442d24abf9ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 200502
last-modified: Tue, 27 Dec 2022 07:10:11 GMT
server: cloudflare
etag: "63aa9a53-30f36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoA3m12x5a9GKuSCDGggCsINLcX0I2UREZ47RG50eZyWfbatuMIhiLA7R9MoSgVmETtgCVhFlJqfX%2FqQoTT%2BA%2BObvT1t1scjGwYUQjjb1cS2U%2Bl%2BXPv0HbtljG9lm4XVmYHvqhkAt8kgMGqgT%2B7w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4aedd6f382f-FRA
expires: Sat, 08 Apr 2023 02:08:07 GMT

GET
H3 200 1-3-1.jpg
my.hotnewsmm.xyz/wp-content/uploads/2023/03/ 57 KB
57 KB 956ms
952ms Image
image/jpeg 2606:4700:e0::ac40:6320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hotnewsmm.xyz/wp-content/uploads/2023/03/1-3-1.jpg
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 8f5b6120735ae3dfe42fc332f12c20592743629e277ffabe9a0eeb1cd6a7b6f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: DLEMP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58284
last-modified: Thu, 09 Mar 2023 01:54:59 GMT
server: cloudflare
etag: "64093c73-e3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo%2Fuq5lAdhAonq19aGi3IlaXJPkg3R9ARchLFJe8c5t8AlgNpctFiNTg%2FjDFvFjg4htn%2FFnW6NQSHhnpZ5bTPCBxIQWiesOPK%2Bzg9LFLsUSkl49syqNq94ScRKO9iT8Qse%2FC78XRwXlcKcymBI3b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a4fc4aedd70382f-FRA
expires: Sat, 08 Apr 2023 02:08:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/ 361 KB
119 KB 71ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3073985723087695&plah=my.hotnewsmm.xyz&bust=31072927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

063b4afd1654b930aae11f25e985a36988aa64378141fdc53bd0fc4df8279608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121629
x-xss-protection: 0
server: cafe
etag: 8946560962460691763
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame 0E37 10 KB
5 KB 43ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3073985723087695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 02:31:25 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 02:31:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/xaluanau-network/ 278 KB
43 KB 54ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29912119ff1370e9eaf64b7b65bcb38e4e27862cc5cf3e5a860f7529eb995385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: dA6Mw2z42PRLKL0hN7J6k9fAYZg6aJqT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 02:08:07 GMT
x-amz-request-id: 8VKBS9Q40HMRCGX0
age: 157
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 43374
x-amz-id-2: 2hybgn9zWyyVGG1XtDtO4FhmcNOYw0gwjU8CesVn7pWXCmTQrGsbTn+pUcolQQw4O4rDTdOGY+8=
x-served-by: cache-hhn-etou8220060-HHN
last-modified: Wed, 08 Mar 2023 10:22:24 GMT
server: AmazonS3
x-timer: S1678327688.632894,VS0,VE1
etag: "59027ef67aa96c1524fb9b1e42b42e50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 45ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V8FD1SYQLQ&gtm=45je3360&_p=695995649&cid=139941530.1678327688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678327687&sct=1&seg=0&dl=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dt=Blog%20HotNews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8FD1SYQLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 49ms
48ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203682812-5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203682812-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa2e4597f650d216d5f87c66b0781b6774eb8b4ee9ad58690a627241caf3f8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44759
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 02:08:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203682812-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 00:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6797
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 02:14:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 51ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=my.hotnewsmm.xyz&callback=_gfp_s_&client=ca-pub-3073985723087695

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3073985723087695&plah=my.hotnewsmm.xyz&bust=31072927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0c4bf09ca26234fe98e2b147fd9335fbc93aaf4fcd6f8f43512aff9cdb53a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 52ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 110ms
43ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8199 338 KB
81 KB 371ms
358ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3073985723087695&output=html&adk=1812271804&adf=3025194257&lmt=1678327687&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678327687519&bpp=5&bdt=272&idt=278&shv=r20230306&mjsv=m202303070401&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7431034398423&frm=20&pv=2&ga_vid=139941530.1678327688&ga_sid=1678327688&ga_hid=695995649&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C31071756%2C31072927&oid=2&pvsid=4311793807319207&tmod=250800483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=328

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e4b9f5964adbed2c9111043e4477578a28e37164c518a0b8d2e2c2963b54e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 82987
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 02:08:08 GMT
expires: Thu, 09 Mar 2023 02:08:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20230308-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 735 KB
153 KB 9ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230308-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5e7d4e5f8888b63bbeac9516f9d0f33d5a069710480e7d62962b4c8e26e5ad25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5AHg2Y1Y2c6pf5dFmhIIObS3ibjodSwo
content-encoding: br
via: 1.1 varnish
date: Thu, 09 Mar 2023 02:08:07 GMT
x-amz-request-id: 2RW9714G57MXPFSY
age: 287
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 156630
x-amz-id-2: LN1AKtGaKVkfGWqVFpr9KKfzJrPQkAK3o+Q9RVqkFpdxGPMN5sRt/PFLQvoPCKsj1lndjwIVEco=
x-served-by: cache-hhn-etou8220060-HHN
last-modified: Wed, 08 Mar 2023 10:02:57 GMT
server: AmazonS3-br
x-timer: S1678327688.872173,VS0,VE0
etag: "d8a98d9f03c87a47698c9a7906ffe178"
vary: Accept-Encoding
content-type: application/javascript
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 345

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 68ms
8ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/xaluanau-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:58:32 GMT
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4175
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ujQ3WTA19JLTqLDGlwxnH22LnZAPakg_J8ydGfiIV2C9yuMQDb42dw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 15ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=695995649&t=pageview&_s=1&dl=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&ul=en-us&de=UTF-8&dt=Blog%20HotNews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2102202692&gjid=761972457&cid=139941530.1678327688&tid=UA-203682812-13&_gid=774518909.1678327688&_r=1&gtm=457e3360&z=2029201637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.hotnewsmm.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 18ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=695995649&t=pageview&_s=1&dl=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&ul=en-us&de=UTF-8&dt=Blog%20HotNews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=731044303&gjid=1282972798&cid=139941530.1678327688&tid=UA-203682812-5&_gid=774518909.1678327688&_r=1&gtm=457e3360&z=1358539713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.hotnewsmm.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 58ms
15ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230308-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 281149
expires: 60

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
8ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1678327688088&ns_c=UTF-8&c7=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&c8=Blog%20HotNews&c9=
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: UBTjUcQ8yZDCsCYVkE7KCpho159Ls0b0phDRVZPAKTT5lBN6XkrYdQ==
x-cache: Miss from cloudfront

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/ 150 KB
51 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070401/reactive_library_fy2021.js?bust=31072927

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

064fbddc18ada3729fd8502547f91c122b01670cc5634625b0e0ae9a4bf28980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52390
x-xss-protection: 0
server: cafe
etag: 7079917789004930623
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 28ms
24ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 46ms
44ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 1D37 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:07:33 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 04:07:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 9E4C 10 KB
4 KB 16ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:07:33 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 04:07:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 010F 10 KB
4 KB 18ms
11ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 04:07:33 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 04:07:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1D37 6 KB
1 KB 64ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 01:15:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 1D37 2 KB
818 B 50ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 1D37 22 KB
9 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 1D37 3 KB
1 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:57:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 1D37 20 KB
8 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D37 158 KB
49 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 1D37 34 KB
15 KB 69ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:19:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E4C 6 KB
745 B 44ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 01:21:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9E4C 2 KB
799 B 31ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 9E4C 22 KB
9 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9E4C 3 KB
1 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:57:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 9E4C 20 KB
8 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E4C 158 KB
49 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 9E4C 34 KB
14 KB 53ms
12ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:19:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6220 0
20 B 26ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCEN30q6sEGMWz3-EBMAE&v=APEucNUC8pcJReehRHq827Z2ucDzxziv6O-SnCQ66hDVzKZsOTh1M-3FVAppLcN9j_RR3GIMZ-GmT9y3f0LXqeAXY37sdqGtpg

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 02:08:08 GMT
expires: Thu, 09 Mar 2023 02:08:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame B677 22 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 05:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame B677 6 KB
2 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 05:56:14 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B677 0
0 106ms
48ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRT1QmmTQVyX3AzzVDw6noA0HnnUTJW8i3wpI4EnOLpd9LpYrVCGxaR39_D9EdpLbSncBMZo2bYcfEfKyJie7reqAe5cLzmpPB5lW4y5IOgK0q3zPkGbB1HpJjKdgXi4HHoScQ5vwS-91J3bJ_G1Z3zDK9bVuqAYDKvnq_Zq--daq6h2o863HQVP1PkaP61t5uUPAuyRgDh2SU99nvqjmHRc-De90lwCvwQXNmRk-ln6QXlFAY6BI1Kyj4U0wS3WsgOBTx2sWq1GVM7lOqsTJbwSAworCPHYMMY0nLmo1whPATxqHhqflK1Ey0cSr5pivAbAJ7hlTizKmDtpfVyiaxHzD5TmwUodUz30VA9wEyloVumCes-YTzHe0cfM0sKeJRRk0mTS5oRTqGDVB4-Kaztisl51k1g6zZbN9Q5kXdCZ9GBUmNgnzRhYTlTdpDI0ptsKmhsxMSrHrKc3xpv7ZnhGGFlLJ9MGksD8z9K_eUoH9MNb60joXKrvjU2F3VgFdLPkTYqcnQ2cVv-s_0hjsbQ325ivoRf6ngKVgEMDeneTJIxoX9NNe8hMevLKekBPGY4yySEbA0jPgzbSFRJlwqbqipaS3fMs1h8c5vQ10TrqEzSTWHJRrpSQBEd76OB0Y0VqyLB9mBTaIf75hExS4u2zGDAzSuFUdYRCWJn8SjOm8KF5_Xvm_tAp1VBHQoQzSRmmHAPY_skpMcqsvh91jpuAv8r60LUIJTBWhr-SzuRF82eiwnK9WCAs4-TqyrShKEtuqU44qWewAJNgVi0g8edYzy7b0pu7eJMGWxY3RkaGNtp6xihMmig2Kq4qZtEnvkaNXZLN6Z8oxmaZeTR7N8vEaPqzRQHXnGSFLNYZXfZ4yBKJV7RsVpboKySHOyzVkop4KU8OEReP9RYL4VsEN4iQeD58Se5iohmfXpbh-Ebvm45DPXSHjxCg229B4cdXXwrnykq0et_kIVEvvNlr1tDsqgaRKi_BlDZO1S17277UWSGV-Rlz0kiq-vWbrcY7DFsSRqX1116GS01napuigMvSVY5VbgVl9JNJUm3MqN8aAkmtpOiQvHqTZUbUBi4_nqVqyYCSozVdmzOiQ9WxfzZiBC1uB0P_HZg3ojKjddGU14rVaMjfI8px2JPRQZxRQTattq22De&sai=AMfl-YQF9GbLC20thnW4NgESeX8On-VnVGKGtqJLWB2rCaQ4jmTYP6ITuTsnm_wvTeGpUUvvGrzUWc9eSYKUqnQHhn-TCaIDw112CgFvFltVs6COXMxsItsl2UAFNPm0SGP8QZZLuwokyqFbzXxpfodp-SCNvwLUrIIPpY-Wch8b97FUBSQozHoIC2ZF_AulGC7HfOnpQ4Bzx5vxJ0GUH4WYjiGFM57-DCUTO58rlikzl2c&sig=Cg0ArKJSzEpmJSjtpj-pEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230306.05943&arae=0&ftch=1&adurl=

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 02:08:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B677 41 KB
15 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:23:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame B677 3 KB
1 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 19:57:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame B677 20 KB
8 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:48:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B677 158 KB
49 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B677 42 B
63 B 51ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtAS2ESw79mBGHNIJorXbWIHCafrCC-C4DLTxGindzhctn-YpwP8vr2ktYyKcOzole74610LDKqjNh3PDVWZ0x4x2LUM6L5VsBH10NshrNuOvdVzA

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 15948207420191647834
s0.2mdn.net/simgad/ Frame B677 34 KB
35 KB 81ms
15ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15948207420191647834

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fcc4283044721244082c5703d5879bb1f73ef227fb716bcdce2cf3537797aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 12:47:38 GMT
x-content-type-options: nosniff
age: 134430
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35261
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 10:12:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Mar 2024 12:47:38 GMT

GET
H2 200 lions_hotnewsmm.json Show response
cdn.unibotscdn.com/clientdata/ 21 KB
2 KB 53ms
20ms Fetch
application/json 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/lions_hotnewsmm.json
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: ba8a13aac190bf046ca316cda41413f8be04510517f93ed989e0c736377ee71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: gzip
cdn-edgestorageid: 1054
cdn-storageserver: DE-198
cdn-cachedat: 01/09/2023 07:06:33
cdn-pullzone: 873945
last-modified: Mon, 09 Jan 2023 06:56:33 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 420
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ec5b36fcc3d775c4f34dedb5dd638741
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame B677 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf9dbfa741fed95b15d70c0f1b2af28df948c3994f37412c5e48e8d2cf9e644

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F0D7 22 KB
8 KB 11ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 12:23:20 GMT
expires: Thu, 07 Mar 2024 12:23:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B677 0
0 50ms
49ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRT1QmmTQVyX3AzzVDw6noA0HnnUTJW8i3wpI4EnOLpd9LpYrVCGxaR39_D9EdpLbSncBMZo2bYcfEfKyJie7reqAe5cLzmpPB5lW4y5IOgK0q3zPkGbB1HpJjKdgXi4HHoScQ5vwS-91J3bJ_G1Z3zDK9bVuqAYDKvnq_Zq--daq6h2o863HQVP1PkaP61t5uUPAuyRgDh2SU99nvqjmHRc-De90lwCvwQXNmRk-ln6QXlFAY6BI1Kyj4U0wS3WsgOBTx2sWq1GVM7lOqsTJbwSAworCPHYMMY0nLmo1whPATxqHhqflK1Ey0cSr5pivAbAJ7hlTizKmDtpfVyiaxHzD5TmwUodUz30VA9wEyloVumCes-YTzHe0cfM0sKeJRRk0mTS5oRTqGDVB4-Kaztisl51k1g6zZbN9Q5kXdCZ9GBUmNgnzRhYTlTdpDI0ptsKmhsxMSrHrKc3xpv7ZnhGGFlLJ9MGksD8z9K_eUoH9MNb60joXKrvjU2F3VgFdLPkTYqcnQ2cVv-s_0hjsbQ325ivoRf6ngKVgEMDeneTJIxoX9NNe8hMevLKekBPGY4yySEbA0jPgzbSFRJlwqbqipaS3fMs1h8c5vQ10TrqEzSTWHJRrpSQBEd76OB0Y0VqyLB9mBTaIf75hExS4u2zGDAzSuFUdYRCWJn8SjOm8KF5_Xvm_tAp1VBHQoQzSRmmHAPY_skpMcqsvh91jpuAv8r60LUIJTBWhr-SzuRF82eiwnK9WCAs4-TqyrShKEtuqU44qWewAJNgVi0g8edYzy7b0pu7eJMGWxY3RkaGNtp6xihMmig2Kq4qZtEnvkaNXZLN6Z8oxmaZeTR7N8vEaPqzRQHXnGSFLNYZXfZ4yBKJV7RsVpboKySHOyzVkop4KU8OEReP9RYL4VsEN4iQeD58Se5iohmfXpbh-Ebvm45DPXSHjxCg229B4cdXXwrnykq0et_kIVEvvNlr1tDsqgaRKi_BlDZO1S17277UWSGV-Rlz0kiq-vWbrcY7DFsSRqX1116GS01napuigMvSVY5VbgVl9JNJUm3MqN8aAkmtpOiQvHqTZUbUBi4_nqVqyYCSozVdmzOiQ9WxfzZiBC1uB0P_HZg3ojKjddGU14rVaMjfI8px2JPRQZxRQTattq22De&sai=AMfl-YQF9GbLC20thnW4NgESeX8On-VnVGKGtqJLWB2rCaQ4jmTYP6ITuTsnm_wvTeGpUUvvGrzUWc9eSYKUqnQHhn-TCaIDw112CgFvFltVs6COXMxsItsl2UAFNPm0SGP8QZZLuwokyqFbzXxpfodp-SCNvwLUrIIPpY-Wch8b97FUBSQozHoIC2ZF_AulGC7HfOnpQ4Bzx5vxJ0GUH4WYjiGFM57-DCUTO58rlikzl2c&sig=Cg0ArKJSzEpmJSjtpj-pEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=266&vt=11&dtpt=263&dett=2&cstd=0&cisv=r20230306.05943&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 02:08:08 GMT

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 845ms
273ms Fetch
application/json 45.79.126.27
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Lions_hotnewsmm&page=my.hotnewsmm.xyz/
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Mar 2023 02:08:09 GMT
Keep-Alive: timeout=5
X-Powered-By: Express
Content-Length: 45
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Type: application/json; charset=utf-8

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 29F7 36 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 19:04:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 26ms
25ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26c1cab590bee2654d73a27f332a6bdfc888cc589bb7f89b33e1f83a77bb921b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11413
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame F0D7 36 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 19:04:07 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D6F 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 19:04:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 02:08:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 53B0 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 23:08:45 GMT
expires: Thu, 07 Mar 2024 23:08:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4835 783 B
1 KB 57ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3806033fe74d8fe80ae601269d22a430ac492f688b25eb71a5526d1268addef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4BUn4scERmJpf3ql_QSoQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4BUn4scERmJpf3ql_QSoQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 02:08:09 GMT
expires: Thu, 09 Mar 2023 02:08:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4835 0
0 41ms
40ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=4311793807319207&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 53B0 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 19:04:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0D7 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFd0lhz8JZOPYNdqt9u8P8s-1sA4AAAAAOAHgBAI&bg=!xsWlxZHNAAbv3-2Ez987ADkAdvg8Wmhv29zqOtBP6r1YzOvE_s5s1mCNBwVdxxGhH55gHtUQaDEGcxcTIRaGuS_CG9suZldJCDECAAACQ1IAAAAEaAEHCgB12wOGb5r1QGpjcsXpYOMdU65FUax6b56XmbDMGmlZ79MaC_K5iw5tR_2-DzNVa9Eb77LCKrBgMMclqhvrDy_k_RNehXT3R7a7jDttqT7-Zt_0EVx8Ndm5HvSu14qaJjSpole0qkggq8jyB2jGD4rzXrLacHBmmQL43ZWVTTRzS8-glqAjx4tp50NPnVphe21mscNA7DH-QwzPZ5hIZpfoo-r16bCh62hGXPasJGqQGhPBkbd_ccTmXfKfTvt7ui7zpNhe41GC46nr7j5XILjGush5EYiyr-KDjpYpcb08YuaNH4Tgq7TkUeWxGt3Fy066dCUIt08XVcZPdsLcvATEJmADfrazY2n3rsmLIeH7H2froSlCepiabEiqKmEXEVt23iAfvzjvfmmfbKKYornPNqV1FuVj_NLhqJTU5tXeLh3GRonHTsf2BB6AIFltVF75tWv5ELf1Z5O_rQj1RtGIIhvs2V832YjK9POEuytf0rcpfxP_1brTlVJEmBuTytm8-ibHv_icXF2_x30swSFgKeZ0K_tAqE_1ee8co29-FQO8r0gMiTsnC1yVSDLGMzfsMfjWBn6TBycUnpgvFFN4BJYuobVaHJlQ4zI8oNW4lpUGcsqECYgYdYHx38-bs89mpt1rJoNpVyHFV8pJ1SzWhx4_JA6HdfpL5OSLj2MzrVB68hmfKXx_GaG21kSKTvGFfbGbZ9XnzTvvmKkNT3zJW-j1l339ed3-XnBkeu70bJK9_0R10aEv2mP7Ead2wmIyvhta7NZd_A2qoCYTNUwWCCDyry28tP31boDSRC3H34L0hCDRIyNCHvKq8O7ocr9HBfdwx0Q7POTXr2Cq0Zv_fzvyG4k4OQat-2EqyyagtO1mUixR6HBoogp4Dlf-iEuAlXxJSZYOtcnFzfCnj3H3wMjrUvnJMROgnE5zft-iO4V8jjLgkKutJkSDa87ji_8-myoO909siLm-3_PdrMd_aeuNVuga90TNokXu2DDhiu4FqQAc_mfpfjiu7s8ub3UNN7URS9nOha4D2yqkoB6lRmWnipS9blI25sto9SxZuiJT_G6HFfMQg4_8MyN94IsnTteOKt1f9w1XnSjbaQRAhpxUKx4gnyelQSWaBOVyHAUtpRP0B-cgQa2QqdwdRLEupdgybIoOxmncpBuDAhsz-A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 53B0 0
10 B 10ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qDUMkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lions_hotnewsmm.js Show response
cdn.unibotscdn.com/clientdata/js/ 1 KB
1 KB 21ms
20ms Script
application/javascript 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/lions_hotnewsmm.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: d4bcbf4a94cbfbf86bc0e90e0db357ab74ab6b564a639e0bb4dae255674f62f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
content-encoding: br
cdn-edgestorageid: 752
cdn-storageserver: DE-169
cdn-cachedat: 02/21/2023 19:28:57
cdn-pullzone: 873945
last-modified: Tue, 03 Jan 2023 12:14:21 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 250
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63b41c1d-484"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 5732f1f4bf352dde9f6226ee89ad2eff
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/ 975 B
790 B 44ms
4ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.css

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273644
x-jsd-version: 6.8.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 321
x-served-by: cache-fra-eddf8230066-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs.ima.css
cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/ 4 KB
1 KB 44ms
6ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.css

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273644
x-jsd-version: 1.11.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1300
x-served-by: cache-fra-eddf8230050-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"eda-rFTc9uQpHYoG97d1hpF7y+maJdM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.11.8/dist/ 39 KB
10 KB 46ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.11.8/dist/video-js.min.css

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273644
x-jsd-version: 7.11.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10312
x-served-by: cache-fra-eddf8230066-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"9cdf-hOphjOeyfUewXdwzXYtoioxwLLQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lions_hotnewsmm.css
cdn.unibotscdn.com/clientdata/css/ 1 KB
1 KB 14ms
13ms Stylesheet
text/css 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/lions_hotnewsmm.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 62059da5a0a7035f03ac09dc2bfd48a49210567d7ed2aff6963e54e27dbaeb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-200
cdn-cachedat: 12/19/2022 08:54:18
cdn-pullzone: 873945
last-modified: Mon, 19 Dec 2022 05:06:03 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 463
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"639ff13b-59c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 29f5808852ea40f95a91c13601a6a641
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 4 KB
2 KB 16ms
15ms Stylesheet
text/css 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
content-encoding: br
cdn-edgestorageid: 1054
cdn-storageserver: DE-169
cdn-cachedat: 01/13/2023 14:22:36
cdn-pullzone: 873945
last-modified: Thu, 05 Jan 2023 12:00:52 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 305
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63b6bbf4-ed7"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f74635d9dfee59f8ba6190d4d343e9be
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
120 KB 336ms
74ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2a35055d55edd1f08bc62af556568af32015ed99b097b059c002d0f18d2f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122295
x-xss-protection: 0
expires: Thu, 09 Mar 2023 02:08:10 GMT

GET
H2 200 euidixwgt6 Show response
www.clarity.ms/tag/ 675 B
1 KB 132ms
101ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/euidixwgt6
Requested by: Host: my.hotnewsmm.xyz
URL: https://my.hotnewsmm.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8905d5ee4beeba3c083fcc46a4fb23bedd43fbbaad0e8a56c7ef840327e94acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 09 Mar 2023 02:08:09 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0iT8JZAAAAACqfMbApypwT6wSpuQzb0EhRlJBMzFFREdFMDkxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B677 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH5pdM--b6SLfOnGbERzUf_G0vjY1zczkPRwJGBPWsVJHFnevfqm0oUr63GpCk9zNIk14KFz2amj_KyPWC4MPC8ngjoSiau5Adpq4aXxyOt5X9vrQOR3F5WZPrE160pTKZV0L_Pg&sai=AMfl-YRe3aZPxsciPFwdjvjoJkuveBADLGx6ogPQXr3QwxewbbooZvHcWiUcd3Xsy2w1W5TXScbRFcb6nkOT&sig=Cg0ArKJSzOHIABgNWl71EAE&cid=CAQSGwDUE5ymZqLlpRuvzPWWNbv5lWR_WWYYhVaaphgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=484,968,1000,1000,1000&tos=484,484,32,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678327688571&rpt=331&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-sc/s/0.7.2/ 56 KB
19 KB 11ms
9ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/euidixwgt6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:09 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-azure-ref-originshield: 0aR0JZAAAAAC37X+1nPbKSKpyKNTLJJRuRlJBMjMxMDUwNDE3MDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d951cb0e0b691c"
x-azure-ref: 0iT8JZAAAAABusCebbROETpcy15CVDxICRlJBMzFFREdFMDkxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&RedC=c.clarity.ms&MXFR=05EDC164B67D656F1C49D3ABB27D6BA1
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&MUID=1CEF1B97CDCB6F4D02550958CCA06E7A

42 B
442 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&MUID=1CEF1B97CDCB6F4D02550958CCA06E7A
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:09 GMT
last-modified: Wed, 15 Feb 2023 08:41:50 GMT
server: Microsoft-IIS/10.0
etag: "ddef9591941d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FAB9D96A9DAA4765845F8B02F12B259F Ref B: FRAEDGE1413 Ref C: 2023-03-09T02:08:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=041A88B0371E4CBF994BA42820F52345&MUID=1CEF1B97CDCB6F4D02550958CCA06E7A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 378ms
97ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.hotnewsmm.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.hotnewsmm.xyz
Date: Thu, 09 Mar 2023 02:08:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.11.4/ 524 KB
145 KB 122ms
13ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.11.4/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220025-HHN
date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 16:37:54 GMT
etag: "dca7de69f28da40d65353c2e9323442b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 148475
x-cache-hits: 33

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=4311793807319207&bg=!EBOlE0fNAAbv3-2Ez987ADkAdvg8WhJY6H79VXfaQWEh5sXkcITxVdAR9NAyGV2qnm5ql10hbh1E_GS4dBvVg5jk5Ud0wMv-wSoCAAAAz1IAAAAEaAEHCgBYItjB0GiwP9N6xffrZ2ASC3S_kfy1WEn58Loq38KgXxTs_qfr-Fn7nPRdZezXgA9oe6X0r-jQYT86v5WFIhbgD0zx-rRD5L-ZNz5OXG08f5EO9z673MYhnZkCq-bNPvjkjBzS0YaLpiMo571pAkgFpF_j5bYwEow5NKO16V1N0oe3JipOgI7p-pZKqyj9BcwnXwfQPyg8MKPy8W3zwLJjkLYKotKCQyWkFXfw30wnjPlfRrrQE1xaZKxz37gXLvUei32AGF9NhKYeDZ9UACMK3E0c05Hw24yjsk5a4zWJMB8u5AEFU3_muDPh5rwKbA_8f3F0joHSzsQ69Ch96f-EN6XGzNJk130C9Xm6kqf-5H5fX98e373lxxW11NezFmiAyBMJw2yekBeACxgp--HIw2i0vxB75KyVHaGG7vn8wcC3H1sPLVRl8aZnaLTprecO1OkCX8PvCIucMb9HddKExlKZMEoYwrDGaL83tepvyy71ZqjT38UP42sGZXecpB8Wr6Ln-udmlEDwuqcW-CgyfIpHh0ID6_NOn4tWK1Asu3PEZT4DDL1hmIQRLXKJiU67A_T95aFrGElmcudSV2bnq9DFff9I6sfwfySBZJJYhHxpwGlVtTBnv6kIHqCU-I9UTI997zrq_fUypZwrH44WastVhgKWraeTjfeyOETV-08m7Rqwta_4VRzdx_IXGCb56kESMHkkjsTSFXV2jlD-Zke00oBfAoBOFN2z6iXnsaC_HZ_Xc0QUXi_4DE-ot_Mm9DF2aT0y1fJmD45P_uoHYlcnMrcJ8npAiobC6Mg9yDokBDbKxtoOBg36mZeqU7cUg1kmTwwAoHI77Lhf80P0R8m15gNeGpG9AIO5AO8AwWhzEpA7IYcON1ygnUSZFgVhXT7I2ba6JSBVfDBSfXYA0j2zHXZTMMJfBaeJ1bwj_gCe3p5nsQ5HZJCIilq0S8TCKYuDqdUimsH7oT57Va_2jkQBSulxvTgaY9HPCigqSLWplDd0KLjvxLW2bI--dJCR3HnE_e95
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 videojs.ads.js Show response
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/ 91 KB
22 KB 9ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273651
x-jsd-version: 6.8.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22750
x-served-by: cache-fra-eddf8230138-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"16c3c-XTWyR/+wTNuO+mhGvQZwQQTNP2I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs.ima.js Show response
cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/ 84 KB
17 KB 11ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273650
x-jsd-version: 1.11.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17030
x-served-by: cache-fra-eddf8230029-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"14fe2-x9+sAvNQeZX8jxoQcZlsO67xEgo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 can-autoplay.min.js Show response
cdn.jsdelivr.net/npm/can-autoplay@3.0.0/build/ 11 KB
3 KB 11ms
10ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/can-autoplay@3.0.0/build/can-autoplay.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273651
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3166
x-served-by: cache-fra-eddf8230070-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"2ae4-KCPSMTN2SdlCpBkMeQk1eb16L7s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-playlist.min.js Show response
cdn.jsdelivr.net/npm/videojs-playlist@5.0.0/dist/ 5 KB
2 KB 9ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-playlist@5.0.0/dist/videojs-playlist.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 02:08:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1273650
x-jsd-version: 5.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1883
x-served-by: cache-fra-eddf8230108-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type: version
etag: W/"13b1-wxzLT0Y4ihksb8Q+NruQQceFjtA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 videojs-http-streaming.min.js Show response
unpkg.com/@videojs/http-streaming@2.14.2/dist/ 313 KB
89 KB 50ms
24ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@videojs/http-streaming@2.14.2/dist/videojs-http-streaming.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ad3937041399e3fa70ced9c237f347f54eed87a593ef7672ae6bd8f694aa2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5474370
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GNYX7Q5MFR0E9311TP84ASWV-fra
server: cloudflare
etag: W/"4e381-sWncTYk99Vh6MbFTmww1DxncjVE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a4fc4c178406977-FRA

GET
BLOB 200
OK 051dd3c0-e4e6-46f4-b6c9-9ab8cc080680
https://my.hotnewsmm.xyz/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/051dd3c0-e4e6-46f4-b6c9-9ab8cc080680
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 49ms
48ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QQ0G9M610C

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

112c80242954e52c5e7c24caa97d660e2e9a62df210d4b7d5e770089966b58d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 02:08:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 59ms
59ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QQ0G9M610C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8FD1SYQLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f21f34e491d839f5ee6ad111d010c18f255af5d80d20c3084519c73936c35d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 02:08:10 GMT

GET
BLOB 206
Partial Content 7ef68936-d598-442c-b829-ef5212fe0335
https://my.hotnewsmm.xyz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/7ef68936-d598-442c-b829-ef5212fe0335
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 6541ef28-fe3e-48e9-b769-3f0120ad6288
https://my.hotnewsmm.xyz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/6541ef28-fe3e-48e9-b769-3f0120ad6288
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ub.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/ub.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: a60a1b492ccc3784df2d649db4bf3fbb8bb70a583522a61194e7552a6e28c5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
cdn-edgestorageid: 1049
cdn-storageserver: DE-200
cdn-cachedat: 11/12/2022 05:25:03
cdn-pullzone: 873945
last-modified: Thu, 30 Jun 2022 06:20:30 GMT
server: BunnyCDN-DE1-1077
cdn-fileserver: 377
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: be6c24a1b9be7e1342cfa7db7da4de34
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://my.hotnewsmm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bridge3.560.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 513B 692 KB
221 KB 27ms
25ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90bcf964eccf69e68420c35e7120f9f38896ce99896314a84e9be0fedeae2106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.hotnewsmm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226079
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:17:19 GMT
expires: Thu, 07 Mar 2024 18:17:19 GMT
last-modified: Mon, 06 Mar 2023 18:28:49 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 02:08:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
41ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 171 B
835 B 543ms
13ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-200
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:44:02 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 296
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: f84216e71deb6030d0aab454d1f17c37
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK b1d26ca3-d0e4-4176-b26e-9fa0180a0d75
https://my.hotnewsmm.xyz/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/b1d26ca3-d0e4-4176-b26e-9fa0180a0d75
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b69e5f3ff4f4334a57797153ed18c266f06e757220c9968a2509c38577c1753

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 6121
Content-Type: application/javascript

GET
BLOB 200
OK 69f1d85c-bfb1-45a1-839a-85af01f1b995
https://my.hotnewsmm.xyz/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/69f1d85c-bfb1-45a1-839a-85af01f1b995
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f7599bee29320a0bd9e8eeb17d6bec67327eeb4fcbbc9f9e213419be025d600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 80371
Content-Type: application/javascript

GET
BLOB 200
OK 09e9855c-2910-4d9c-b334-06ee8ceeaa00
https://my.hotnewsmm.xyz/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://my.hotnewsmm.xyz/09e9855c-2910-4d9c-b334-06ee8ceeaa00
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f7599bee29320a0bd9e8eeb17d6bec67327eeb4fcbbc9f9e213419be025d600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 80371
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QQ0G9M610C&gtm=45je3360&_p=695995649&cid=139941530.1678327688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678327690&sct=1&seg=0&dl=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dt=Blog%20HotNews&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ0G9M610C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.hotnewsmm.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
655 B 447ms
230ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22814014974%2Flions_hotnewsmm_xyz_gpt1_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1513898266120512&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dt=1678327691106&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=3775691994063152&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 4 KB
1 KB 13ms
13ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
content-encoding: gzip
cdn-edgestorageid: 864
cdn-storageserver: DE-197
cdn-cachedat: 02/05/2023 21:16:37
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 301
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 3b4ed99f59aa0b859555c88d9d67d27d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 337 KB
338 KB 61ms
61ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-199
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 345356
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: ef277cdbb7e9b842b0f94bf0421c8a13
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 318 KB
318 KB 13ms
13ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-164
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
content-length: 325240
last-modified: Fri, 09 Dec 2022 05:43:15 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 162
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: e1a95d8d9883be4e16c201e40d2515b1
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 96ms
96ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-sc/s/0.7.2/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.hotnewsmm.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.hotnewsmm.xyz
Date: Thu, 09 Mar 2023 02:08:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 csi
csi.gstatic.com/ Frame 513B 0
234 B 764ms
116ms Ping
image/gif 2607:f8b0:4001:c1e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lf0gz2f2&c=7431034398423&slotId=3715517199211.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c1e::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 391 KB
392 KB 14ms
13ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
cdn-edgestorageid: 755
cdn-storageserver: DE-200
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 400064
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 86
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 4983d8dedb35c2a8d13e1e14e87d1633
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 320 KB
321 KB 14ms
14ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:11 GMT
cdn-edgestorageid: 860
cdn-storageserver: DE-51
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 327308
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 276
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 4d40b78f89591008512f67b081f7b63c
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 csi
csi.gstatic.com/ Frame 513B 0
45 B 192ms
118ms Ping
image/gif 2607:f8b0:4001:c1e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lf0gz2uj&c=7431034398423&slotId=3715517199211.5&ghmsh_eids=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c1e::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 02:08:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video4.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 333 KB
334 KB 14ms
13ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-197
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
content-length: 341032
last-modified: Fri, 09 Dec 2022 05:43:16 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 9f58e44d82b7a7b7a77b7cabfad07b85
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video5.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 349 KB
350 KB 15ms
15ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
cdn-edgestorageid: 1053
cdn-storageserver: DE-169
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
content-length: 357576
last-modified: Fri, 09 Dec 2022 05:43:16 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 1a5ea228579c11450065ef338b4e972a
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
44ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
185 B 214ms
213ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22814014974%2Flions_hotnewsmm_xyz_gpt2_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2298310143250398&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dlt=1678327687247&idt=3798&dt=1678327692284&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=971681179183771&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video6.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 366 KB
367 KB 14ms
14ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
cdn-edgestorageid: 874
cdn-storageserver: DE-199
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
content-length: 374496
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 162
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 8c08c3bff5e1653b4d2aace295b47ab3
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video7.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 374 KB
375 KB 14ms
14ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
cdn-edgestorageid: 1047
cdn-storageserver: DE-199
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 382956
last-modified: Fri, 09 Dec 2022 05:43:15 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 492
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 6d2311940a558d8a68db757078265b5e
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video8.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 330 KB
332 KB 14ms
14ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:12 GMT
cdn-edgestorageid: 865
cdn-storageserver: DE-198
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 338212
last-modified: Fri, 09 Dec 2022 05:43:16 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 494
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: e8cacf0de8c436bb1feb3c42b69b264f
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
142 B 219ms
218ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22814014974%2Flions_hotnewsmm_xyz_gpt1_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1699728525000732&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dlt=1678327687247&idt=3798&dt=1678327693218&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=1800525913739599&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
142 B 166ms
166ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22814014974%2Flions_hotnewsmm_xyz_gpt2_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4065078810184960&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dlt=1678327687247&idt=3798&dt=1678327694161&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=471166461554170&ged=ve4_td7_tt3_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video9.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 339 KB
340 KB 13ms
13ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:15 GMT
cdn-edgestorageid: 1077
cdn-storageserver: DE-199
cdn-cachedat: 01/30/2023 07:35:59
cdn-pullzone: 829957
content-length: 347236
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 275
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 7c7bfe242cf6e5f83260bf2b11b45065
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
142 B 219ms
219ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22814014974%2Flions_hotnewsmm_xyz_gpt1_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1972927818697641&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dlt=1678327687247&idt=3798&dt=1678327695049&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=3933505311823292&ged=ve4_td8_tt4_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 21ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 46ms
42ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=my.hotnewsmm.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 513B 156 B
142 B 207ms
206ms XHR
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22814014974%2Flions_hotnewsmm_xyz_gpt2_preroll&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1691332809635760&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1633829137&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=6F207947-4089-4EF1-BB7A-B679F81F86FD&nel=0&eid=44731964%2C44748969%2C44750822%2C44752657%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fmy.hotnewsmm.xyz%2F&dlt=1678327687247&idt=3798&dt=1678327695995&cookie=ID%3D67e8ab342d7a7472-22f487b046dd0069%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw&gpic=UID%3D00000bc297210522%3AT%3D1678327687%3ART%3D1678327687%3AS%3DALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg&scor=3189274132981548&ged=ve4_td9_tt5_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video10.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 323 KB
324 KB 14ms
14ms XHR
video/mp2t 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video10.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.hotnewsmm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:08:16 GMT
cdn-edgestorageid: 1078
cdn-storageserver: DE-199
cdn-cachedat: 01/30/2023 07:35:58
cdn-pullzone: 829957
content-length: 330880
last-modified: Fri, 09 Dec 2022 05:43:16 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 492
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 9d52013f5dbb035ca61b6be931d0f631
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hotnewsmm.xyz/	1970-01-20 19:48:07	Name: _ga_V8FD1SYQLQ Value: GS1.1.1678327687.1.0.1678327687.0.0.0
.hotnewsmm.xyz/	1970-01-20 10:13:34	Name: _gid Value: GA1.2.774518909.1678327688
.hotnewsmm.xyz/	1970-01-20 10:12:07	Name: _gat_gtag_UA_203682812_13 Value: 1
.hotnewsmm.xyz/	1970-01-20 10:12:07	Name: _gat_gtag_UA_203682812_5 Value: 1
.hotnewsmm.xyz/	1970-01-20 19:33:43	Name: __gads Value: ID=67e8ab342d7a7472-22f487b046dd0069:T=1678327687:RT=1678327687:S=ALNI_MbezdDGK3-9ZDOf3jOKI_2ZGAd0Aw
.hotnewsmm.xyz/	1970-01-20 19:33:43	Name: __gpi Value: UID=00000bc297210522:T=1678327687:RT=1678327687:S=ALNI_MYtZXbr_bKQabA9DtEgO4JZaHvxpg
.doubleclick.net/	1970-01-20 19:33:43	Name: IDE Value: AHWqTUmRD2Y99JUJCNfEy4GND8-vKextHWTeLTglYjxdEJD2ye35Q2bWia6d5NmF
www.clarity.ms/	1970-01-20 18:57:43	Name: CLID Value: ac96ee54a3a44ca688b1611522a7115c.20230309.20240308
.hotnewsmm.xyz/	1970-01-20 18:57:43	Name: _clck Value: 11d6ot2\|1\|f9r\|0
.bing.com/	1970-01-20 19:33:43	Name: MUID Value: 1CEF1B97CDCB6F4D02550958CCA06E7A
.c.bing.com/	1970-01-20 10:22:12	Name: MR Value: 0
.c.bing.com/	1970-01-20 19:33:43	Name: SRM_B Value: 1CEF1B97CDCB6F4D02550958CCA06E7A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 19:33:43	Name: MUID Value: 1CEF1B97CDCB6F4D02550958CCA06E7A
.c.clarity.ms/	1970-01-20 10:22:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 10:12:08	Name: ANONCHK Value: 0
.hotnewsmm.xyz/	1970-01-20 10:13:34	Name: _clsk Value: kes9ce\|1678327690649\|1\|0\|p.clarity.ms/collect
.hotnewsmm.xyz/	1970-01-20 19:48:07	Name: _ga_QQ0G9M610C Value: GS1.1.1678327690.1.0.1678327690.0.0.0
.hotnewsmm.xyz/	1970-01-20 19:48:07	Name: _ga Value: GA1.1.139941530.1678327688

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 459) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3073985723087695&fa=3&ifi=2&uci=a!2&btvi=1&xpc=To3wqytR51&p=https%3A//my.hotnewsmm.xyz Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-3073985723087695&fa=4&ifi=3&uci=a!3&btvi=2&xpc=C8zcTsknaY&p=https%3A//my.hotnewsmm.xyz Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.unibots.in
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.taboola.com
cdn.unibotscdn.com
csi.gstatic.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
imasdk.googleapis.com
my.hotnewsmm.xyz
p.clarity.ms
pagead2.googlesyndication.com
partner.googleadservices.com
pubads.g.doubleclick.net
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
secure.gravatar.com
stream.unibotscdn.com
tpc.googlesyndication.com
unpkg.com
vjs.zencdn.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.90
151.101.1.44
172.217.18.2
20.122.63.128
2001:4860:4802:34::36
2400:52e0:1e00::1077:1
2400:52e0:1e00::864:1
2606:4700::6810:7caf
2606:4700:e0::ac40:6320
2607:f8b0:4001:c1e::5e
2620:1ec:4e:1::44
2620:1ec:c11::200
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400d:803::2008
2a00:1450:400d:806::2002
2a00:1450:400d:807::200a
2a02:2638:3::c
2a04:4e42:600::485
2a04:4e42::729
2a04:fa87:fffe::c000:4902
45.79.126.27
68.219.88.97
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
063b4afd1654b930aae11f25e985a36988aa64378141fdc53bd0fc4df8279608
064fbddc18ada3729fd8502547f91c122b01670cc5634625b0e0ae9a4bf28980
0b69e5f3ff4f4334a57797153ed18c266f06e757220c9968a2509c38577c1753
0cf115f1974b3dccbb1d018b70d29b105bd35b1cabf7e1af2de186cc8a262581
112c80242954e52c5e7c24caa97d660e2e9a62df210d4b7d5e770089966b58d7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19aefd03ea9ef77b7966ddc1c3bf71ae0b42c7f36ffa304a00e1bba001ec744e
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
26c1cab590bee2654d73a27f332a6bdfc888cc589bb7f89b33e1f83a77bb921b
29912119ff1370e9eaf64b7b65bcb38e4e27862cc5cf3e5a860f7529eb995385
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
30fcc4283044721244082c5703d5879bb1f73ef227fb716bcdce2cf3537797aa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
361aa46bb92764d5f59b738b152c4f475ec1c76484f7d9aecaa78b3c0b813401
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
3a2a35055d55edd1f08bc62af556568af32015ed99b097b059c002d0f18d2f0f
3f7599bee29320a0bd9e8eeb17d6bec67327eeb4fcbbc9f9e213419be025d600
40eb9a42a0cb1aa195e203e0b026d1bb1282d050ea07ddee5ed8d74995f4a376
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e4b9f5964adbed2c9111043e4477578a28e37164c518a0b8d2e2c2963b54e29
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c25f91380c8df2456a48651048450958c39ad83e899971207992aef70f83296
5e7d4e5f8888b63bbeac9516f9d0f33d5a069710480e7d62962b4c8e26e5ad25
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f53bd906e325d2a13adb97710f8223948b46c7c5b48b05d50442d24abf9ddc
62059da5a0a7035f03ac09dc2bfd48a49210567d7ed2aff6963e54e27dbaeb3e
63d6a4b35e52a736a67763cf9898fbf2e3807004ef7a2e3c9945db77ae4b6a9f
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
71399e7907b721d948b74017e579e57cb5fc9599cd3523cb3aeb9322f932a727
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8179ab307c010a6d20544843e1a52fb257b1e1bada34d5c027b73972b2244088
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291
8731d06bbb18c05499f193a32c336d5233aae87ef497341b19e5a08b8ec54ed3
87ad3937041399e3fa70ced9c237f347f54eed87a593ef7672ae6bd8f694aa2e
8905d5ee4beeba3c083fcc46a4fb23bedd43fbbaad0e8a56c7ef840327e94acf
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e67c0a5868bc15d96e6a0a26c055f701365547e209401d18f39f981e0da4e01
8f5b6120735ae3dfe42fc332f12c20592743629e277ffabe9a0eeb1cd6a7b6f3
90bcf964eccf69e68420c35e7120f9f38896ce99896314a84e9be0fedeae2106
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
91d7c7fc67c09617f57d5a3ff13eb5c6f053f2785d0e5d992b16207972f09b95
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a115865d23b718c732924bc3d6bb99c9fcff2ff2a0bbe003e37be3f4c006768e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a60a1b492ccc3784df2d649db4bf3fbb8bb70a583522a61194e7552a6e28c5aa
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b81e011e0e5932a62615b2b8140ffbba3c90c0200b4b89f4a7a5792aad991c20
ba8a13aac190bf046ca316cda41413f8be04510517f93ed989e0c736377ee71f
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4bcbf4a94cbfbf86bc0e90e0db357ab74ab6b564a639e0bb4dae255674f62f9
d5d449964b98c3b2bb88a3531d59db3f9644c7ab1a1175349f50e6c8fbd9397d
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d795ec1e20106eda999fb8ca3f00a6a1ba3302c998855e96e7299a429d7fbdaa
d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
dd0c4bf09ca26234fe98e2b147fd9335fbc93aaf4fcd6f8f43512aff9cdb53a2
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e66899c21bb1e59f25f7cc33670d6d88fa28909725767f1c91d7beeed56573da
ecf9dbfa741fed95b15d70c0f1b2af28df948c3994f37412c5e48e8d2cf9e644
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f21f34e491d839f5ee6ad111d010c18f255af5d80d20c3084519c73936c35d1b
f3806033fe74d8fe80ae601269d22a430ac492f688b25eb71a5526d1268addef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fa2e4597f650d216d5f87c66b0781b6774eb8b4ee9ad58690a627241caf3f8c3

my.hotnewsmm.xyz Open in urlscan Pro 2606:4700:e0::ac40:6320 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

96 %HTTPS

81 %IPv6

23 Domains

33 Subdomains

31 IPs

6 Countries

6406 kBTransfer

11455 kBSize

19 Cookies

1 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

my.hotnewsmm.xyz Open in urlscan Pro
2606:4700:e0::ac40:6320 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

96 %
HTTPS

81 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

6406 kB
Transfer

11455 kB
Size

19
Cookies

159 HTTP transactions
6 data transactions