Submitted URL: http://static.espreso.tv/
Effective URL: https://espreso.tv/
Submission: On June 06 via manual from US — Scanned from DE

Summary

This website contacted 36 IPs in 9 countries across 28 domains to perform 163 HTTP transactions. The main IP is 2606:4700::6812:b94, located in United States and belongs to CLOUDFLARENET, US. The main domain is espreso.tv. The Cisco Umbrella rank of the primary domain is 365554.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 20th 2023. Valid for: a year.
This is the only time espreso.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 89.184.82.24 28907 (MIROHOST ...)
36 2606:4700::68... 13335 (CLOUDFLAR...)
7 89.184.66.93 28907 (MIROHOST ...)
21 137.74.6.209 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 51.83.200.186 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 45.133.44.3 39572 (ADVANCEDH...)
1 146.59.30.96 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
3 2a0c:5c81:514... 55081 (24SHELLS)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 37.157.6.243 198622 (ADFORM)
6 142.250.185.194 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 35.173.145.243 14618 (AMAZON-AES)
3 3 199.127.204.142 26120 (RHYTHMONE)
2 2 37.252.171.52 29990 (ASN-APPNEX)
163 36
Apex Domain
Subdomains
Transfer
55 espreso.tv
static.espreso.tv — Cisco Umbrella Rank: 675831
espreso.tv — Cisco Umbrella Rank: 365554
media.espreso.tv — Cisco Umbrella Rank: 661555
2 MB
21 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 24212
file.adpartner.pro — Cisco Umbrella Rank: 356897
78 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
249 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
cm.g.doubleclick.net — Cisco Umbrella Rank: 231
197 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3105
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 103
2 KB
6 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7073
ghb.adtelligent.com — Cisco Umbrella Rank: 5987
202 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5230
adservice.google.de — Cisco Umbrella Rank: 8155
1 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 60373
ls.hit.gemius.pl — Cisco Umbrella Rank: 12624
22 KB
4 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
98 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
203 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
41 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2331
7 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
234 B
3 mailerlite.com
static.mailerlite.com — Cisco Umbrella Rank: 16017
7 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
184 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 446
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2279
807 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 762
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 598
1 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 50374
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1209
680 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1176
245 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3164
104 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
55 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
975 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 569
13 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1056
600 B
163 28
Domain Requested by
36 espreso.tv espreso.tv
20 a4p.adpartner.pro espreso.tv
a4p.adpartner.pro
12 static.espreso.tv 1 redirects espreso.tv
9 tpc.googlesyndication.com 1 redirects pagead2.googlesyndication.com
tpc.googlesyndication.com
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
8 pagead2.googlesyndication.com espreso.tv
pagead2.googlesyndication.com
tpc.googlesyndication.com
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
7 media.espreso.tv espreso.tv
6 cm.g.doubleclick.net 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
5 securepubads.g.doubleclick.net espreso.tv
securepubads.g.doubleclick.net
4 www.google.com tpc.googlesyndication.com
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
4 connect.facebook.net espreso.tv
connect.facebook.net
4 www.google-analytics.com www.googletagmanager.com
a4p.adpartner.pro
www.google-analytics.com
4 gaua.hit.gemius.pl 1 redirects espreso.tv
gaua.hit.gemius.pl
3 ghb.adtelligent.com player.adtelligent.com
3 www.facebook.com
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
3 static.mailerlite.com espreso.tv
static.mailerlite.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com espreso.tv
2 secure.adnxs.com 2 redirects
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 encrypted-tbn1.gstatic.com 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
2 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 player.adtcdn.com espreso.tv
1 fonts.gstatic.com fonts.googleapis.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb.openx.net 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
1 www.gstatic.com 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
1 www.googletagservices.com 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
1 fonts.googleapis.com 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
1 mug.criteo.com
1 static.criteo.net securepubads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 file.adpartner.pro
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 region1.analytics.google.com www.googletagmanager.com
163 44
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-20 -
2024-02-20
a year crt.sh
*.espreso.tv
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-11
a year crt.sh
adpartner.pro
R3
2023-05-23 -
2023-08-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
adtcdn.com
GTS CA 2P2
2023-05-17 -
2023-08-15
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2022-09-13 -
2023-09-25
a year crt.sh
www.google.de
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-03-17 -
2023-06-15
3 months crt.sh
mailerlite.com
Cloudflare Inc ECC CA-3
2023-05-30 -
2024-05-29
a year crt.sh
player.adtelligent.com
R3
2023-05-20 -
2023-08-18
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.google.de
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-27 -
2023-08-27
3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-06-01 -
2023-08-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh

This page contains 24 frames:

Primary Page: https://espreso.tv/
Frame ID: 950245B7559261B00FEF8A00249A7725
Requests: 94 HTTP requests in this frame

Frame: https://espreso.tv/streamonline
Frame ID: C08ADF3A7D674CAC4AF263F8D49E4672
Requests: 18 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F&referer=
Frame ID: 8BDD18903EECDDBE5BCEF38A90FBDDAF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7825&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Frame ID: 8C4E2640C215470F8B4D470F10E415E9
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=757&bannerNum=93140950746865970&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Frame ID: BCE14DB70AE4D91109307740D609C235
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=8883&bannerNum=74301727013603980&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Frame ID: 777857549521C9FF997BF3B8AD75C8B9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 53C79FE16C92043FA1A1F738696F4C75
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/event?apuid=d498283b-b3ef-4ecc-8312-d73733fad61e
Frame ID: FEF9675E6FC84B5542D1C645355083FB
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 038B79008EAF32EC03786DB3EA3B39F7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A757%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Frame ID: DA03AD383C6414D02BB38B46DA9C1F99
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Frame ID: B01A034253DCFA25E1C2051BC9596CE4
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/event
Frame ID: 5B2A575592BCC33AEF4C9D56AD1F623F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9947899611690155&output=html&adk=1812271804&adf=3025194257&lmt=1686082222&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fespreso.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686082233841&bpp=3&bdt=418&idt=267&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1719541547130&frm=20&pv=2&ga_vid=1770581484.1686082234&ga_sid=1686082234&ga_hid=244157220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44792109%2C44759875%2C44759926%2C31075067%2C44788441&oid=2&pvsid=4243143396191436&tmod=2070928439&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
Frame ID: C0796712D7AE28621D1E6519FD7EB64D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A7825%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Frame ID: E4AEB3AF221DD66A523401CC9CE2CC25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A7D124D2FD9E75D2109540B430B381C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D24CB2FB915EAAB066593679341B7E9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=espreso.tv
Frame ID: 745FDE3605FF07647C781E2F84F3854C
Requests: 2 HTTP requests in this frame

Frame: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75981D1407A532BA426FBA2FEEBB6885
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 892354593C70642AB4A6C8479046D11C
Requests: 1 HTTP requests in this frame

Frame: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 51CF547E42D47A84F2B4C6724610DEBF
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADEF6F20D2C175ECD8891F091C016608
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: 6A78006481F4F5E0C6CBD09F5F3B4A35
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522vb_iab1%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Frame ID: 6891CCA1BB66421E980B129B7F60AC95
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522vb_iab2%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Frame ID: B970751830D3D8335610C3A3AB13B868
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Український погляд на світ: новини, відео, репортажі, ексклюзиви ᐈ Еспресо

Page URL History Show full URLs

  1. http://static.espreso.tv/ HTTP 301
    https://espreso.tv/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

163
Requests

94 %
HTTPS

65 %
IPv6

28
Domains

44
Subdomains

36
IPs

9
Countries

3235 kB
Transfer

7800 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://static.espreso.tv/ HTTP 301
    https://espreso.tv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://gaua.hit.gemius.pl/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespreso.tv%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.hknJbr5FJ8BM1EoeyD4iPktb8tEisXu_wRQv8L4KBf.M7WwnPIRyWwDrhqMyahAk605m_57DDa_2jrM7AziXMTfhjf2/sDVGi6yb5AlhB/&fpdata=98LLrp8YF067Bf2y3BN8tiwIW0IpE_LGsychkE06vBn.p7&ltime=268&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647f92b9398bb1ab&brts=1686082234&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespreso.tv%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.hknJbr5FJ8BM1EoeyD4iPktb8tEisXu_wRQv8L4KBf.M7WwnPIRyWwDrhqMyahAk605m_57DDa_2jrM7AziXMTfhjf2/sDVGi6yb5AlhB/&fpdata=98LLrp8YF067Bf2y3BN8tiwIW0IpE_LGsychkE06vBn.p7&ltime=268&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647f92b9398bb1ab&brts=1686082234&fpcap=
Request Chain 130
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=espreso.tv&sn=ChromeSyncframe&so=0&topUrl=espreso.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nlqqzXxERTJLUXdZdm8yVnFDL0cyK2gvUllYbVpZN0M3WGFqS2QxOTJZQndBRktKcUh4dVFXWEEwWFdzVzQ0KzkyZ2x2UkR2eEdwYzlKd0xkUE5pb3BFQ2s2OXlFQWZUZGpWeHhjenpSU003OTVkUDI5ZXVjTHFLd2lJQ2tnV0VuSmFtSkx4azh0VkNtSmlsTE9RQzFFaVY1RW8xU3JkQjBwZHByejN2eWdRbDBDSGxEb1h3Y0E1TVVaUnA5dWtEZWdtT0xNNlJhbXFiZ3JJNllKWTRBMVdkUjlpS3o3czRtbElpUjM2RGJ2S2hwaXVKMm9RV3FOcjdLMkVRdjM2c1RxVFZKQjViWk9ZYytwWGVJSDQ5R3RJRGM4QT09fA&cppv=2
Request Chain 146
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODMtO_EIRCsAhisAjIICBf7at22T3k HTTP 301
  • https://tpc.googlesyndication.com/simgad/17372476489928444632
Request Chain 148
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENHjiqmKvnXovhSsxpn0FU&google_cver=1&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0yRGZM-ypSxN_Juyziabj HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENHjiqmKvnXovhSsxpn0FU&google_cver=1&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0yRGZM-ypSxN_Juyziabj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwOTI3Njg0NzUyOTIyNTY2Mw&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0yRGZM-ypSxN_Juyziabj
Request Chain 150
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJwskhzcG5m37NHSb9hQbZM&google_cver=1&google_push=ATf1kGNjpfVJOPZV0Mgbqg6qMYJ0Zcf4LCYQEAdHtynzcCN225J2oIRMR8ncDM6OoSyMkF51VJeBqEjCF3PFWzYVzO_dQzwIMa_C HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJwskhzcG5m37NHSb9hQbZM&google_cver=1&google_push=ATf1kGNjpfVJOPZV0Mgbqg6qMYJ0Zcf4LCYQEAdHtynzcCN225J2oIRMR8ncDM6OoSyMkF51VJeBqEjCF3PFWzYVzO_dQzwIMa_C&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gNvhQm6FRTi2S6BxCjdDFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNjpfVJOPZV0Mgbqg6qMYJ0Zcf4LCYQEAdHtynzcCN225J2oIRMR8ncDM6OoSyMkF51VJeBqEjCF3PFWzYVzO_dQzwIMa_C
Request Chain 151
  • https://match.360yield.com/match/ebda?google_gid=CAESEJTUpya12b1XVAAhnKhEaxY&google_cver=1&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8aWJpae HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJTUpya12b1XVAAhnKhEaxY&google_cver=1&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8aWJpae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HzUCMVmfQ3GbxzeBCoIyVQ&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8aWJpae
Request Chain 152
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMJ2dCT02HIO5Ab7FySsSBE&google_cver=1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1686082235407 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81e4d180-bab4-47bc-a10c-bc8f8e4fbaba-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN%26google_hm%3DBYHk0YC6tEe8oQy8j45Puro HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&google_hm=BYHk0YC6tEe8oQy8j45Puro
Request Chain 153
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQjiJa4Y__frarT3gpPqIRybz5R9NjTgocPIZvS57jhFZir94SIj_3fIu3HuwWgf3XtX HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESECQBO2JTe9tomoz8Z5kLhUU%26google_cver%3D1%26google_push%3DATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQjiJa4Y__frarT3gpPqIRybz5R9NjTgocPIZvS57jhFZir94SIj_3fIu3HuwWgf3XtX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAwOTY5NTczMjE4NjMzNzgxMA%3D%3D&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQjiJa4Y__frarT3gpPqIRybz5R9NjTgocPIZvS57jhFZir94SIj_3fIu3HuwWgf3XtX

163 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
espreso.tv/
Redirect Chain
  • http://static.espreso.tv/
  • https://espreso.tv/
114 KB
29 KB
Document
General
Full URL
https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.32
Resource Hash
560530fbce61e7b8acfaa5cdd96f78ad9009e143b37e79580c962510f30cd78e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

back-end-time
2023-06-06 23:10:33
cache-control
no-store, no-cache, must-revalidate no-cache, private
cf-cache-status
EXPIRED
cf-ray
7d334ca56fad1ac7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 20:10:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
front-end-https
on
last-modified
Tue, 06 Jun 2023 20:10:22 GMT
link
</css/client/app.css?v=2.4>; rel=preload; as=style, </js/client/build.js>; rel=preload; as=script, </svg/logo-desktop.svg>; rel=preload; as=image, </img/mobile-logo.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.32

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 06 Jun 2023 20:10:33 GMT
Location
https://espreso.tv/
Server
nginx
app.css
espreso.tv/css/client/
336 KB
45 KB
Stylesheet
General
Full URL
https://espreso.tv/css/client/app.css?v=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9eb8e4ecd8363c9d7c919f35b9f9f4705f488879b6fc60a11bd59fb68bc4a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
age
1
cf-polished
origSize=344196
etag
W/"6465e1d9-54084"
front-end-https
on
vary
Accept-Encoding
content-type
text/css
cf-ray
7d334ca6f9d11ac7-FRA
build.js
espreso.tv/js/client/
372 KB
91 KB
Script
General
Full URL
https://espreso.tv/js/client/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556b0db9d5b98828f8c1aefe61b57ae48b20ebe9435a9d38b9bef152b549c473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
age
1
cf-polished
origSize=380905
etag
W/"6465e1d9-5cfe9"
front-end-https
on
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7d334ca6f9d21ac7-FRA
logo-desktop.svg
espreso.tv/svg/
6 KB
3 KB
Image
General
Full URL
https://espreso.tv/svg/logo-desktop.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20015e5c89df20fde3f6041e3fc15099a532f8a01e9f3d5b284775005937d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
1
etag
W/"5fd86fcf-175f"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca6f9de1ac7-FRA
mobile-logo.svg
espreso.tv/img/
459 B
349 B
Image
General
Full URL
https://espreso.tv/img/mobile-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c332dc32b71b15a5ca6dd172672a89f322415cad2542647456f9d72da5bb57d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
1
etag
W/"5fd86fcf-1cb"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca6f9e11ac7-FRA
Mariupol-Bold.ttf
espreso.tv/css/fonts/
58 KB
58 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Bold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
"5fd86fcf-e6ec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca6f9d41ac7-FRA
content-length
59116
Mariupol-Regular.ttf
espreso.tv/css/fonts/
59 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
"5fd86fcf-eaec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca6f9d61ac7-FRA
content-length
60140
GothamPro.ttf
espreso.tv/css/fonts/
40 KB
40 KB
Font
General
Full URL
https://espreso.tv/css/fonts/GothamPro.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
"5fd86fcf-9e10"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca6f9d71ac7-FRA
content-length
40464
Mariupol-Medium.ttf
espreso.tv/css/fonts/
58 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Medium.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
"5fd86fcf-e9ac"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca6f9d91ac7-FRA
content-length
59820
app.css
espreso.tv/css/client/
336 KB
45 KB
Stylesheet
General
Full URL
https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9eb8e4ecd8363c9d7c919f35b9f9f4705f488879b6fc60a11bd59fb68bc4a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
cf-polished
origSize=344196
etag
W/"6465e1d9-54084"
front-end-https
on
vary
Accept-Encoding
content-type
text/css
cf-ray
7d334ca6f9db1ac7-FRA
home_svg.svg
espreso.tv/img/
1 KB
597 B
Image
General
Full URL
https://espreso.tv/img/home_svg.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457af3e64c0c9f521adab81c34598c7a111d1e02ca698f4ff88e1b0c58d8f6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 25 Jan 2021 17:33:00 GMT
server
cloudflare
etag
W/"600f00cc-44e"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca6f9e21ac7-FRA
px.gif
espreso.tv/img/
43 B
258 B
Image
General
Full URL
https://espreso.tv/img/px.gif
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
public
date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Mon, 11 Oct 2021 07:42:02 GMT
server
cloudflare
cf-polished
status=not_needed
etag
"6163eaca-2b"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=43200, max-age=3600, public
accept-ranges
bytes
cf-ray
7d334ca719f91ac7-FRA
content-length
43
expires
Wed, 07 Jun 2023 08:10:33 GMT
streamonline
espreso.tv/ Frame C08A
2 KB
1005 B
Document
General
Full URL
https://espreso.tv/streamonline
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.32
Resource Hash
02a81b8695233066f5c1baefa1931d35550ed8122634895de47631ddb97eb0e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://espreso.tv https://ru.espreso.tv https://global.espreso.tv https://zahid.espreso.tv https://tabloid.espreso.tv

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-method
GET, OPTIONS
age
0
back-end-time
2023-06-06 23:10:33
cache-control
no-cache, private
cf-cache-status
HIT
cf-ray
7d334ca719fa1ac7-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self' https://espreso.tv https://ru.espreso.tv https://global.espreso.tv https://zahid.espreso.tv https://tabloid.espreso.tv
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 20:10:33 GMT
front-end-https
on
last-modified
Tue, 06 Jun 2023 20:10:33 GMT
link
</css/client/app.css?v=2.4>; rel=preload; as=style, </js/client/build.js>; rel=preload; as=script, </svg/logo-desktop.svg>; rel=preload; as=image, </img/mobile-logo.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.32
292323_vz5_president.gov.ua_new_80x50_0.jpg
static.espreso.tv/uploads/photobank/292000_293000/
3 KB
3 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/292000_293000/292323_vz5_president.gov.ua_new_80x50_0.jpg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
3683a544733802247edc7b407053f2212a2c53201868b1ca7275988f163b13e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 19:58:57 GMT
Server
nginx
ETag
"647f9001-a1b"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2587
Expires
Tue, 06 Jun 2023 21:10:33 GMT
291943_vz_reuters_new_80x50_0.jpg
static.espreso.tv/uploads/photobank/291000_292000/
3 KB
3 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/291000_292000/291943_vz_reuters_new_80x50_0.jpg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
c993cc241101ba42c8f532ac58363b159d4d6123935249b21f6565cf45ec3d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Sat, 03 Jun 2023 07:56:15 GMT
Server
nginx
ETag
"647af21f-b62"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2914
Expires
Tue, 06 Jun 2023 21:10:33 GMT
292308_kahovska-ges2_reuters_new_80x50_0.jpg
static.espreso.tv/uploads/photobank/292000_293000/
3 KB
3 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/292000_293000/292308_kahovska-ges2_reuters_new_80x50_0.jpg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
8d2bfadc9b38d9a02ad0213d5675fe98329ac27b507530d16bc3ff19c197fce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 15:50:55 GMT
Server
nginx
ETag
"647f55df-a85"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2693
Expires
Tue, 06 Jun 2023 21:10:33 GMT
258415_ruc-nuclear-rocket_gettyimages_new_80x50_0.png
static.espreso.tv/uploads/photobank/258000_259000/
9 KB
9 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/258000_259000/258415_ruc-nuclear-rocket_gettyimages_new_80x50_0.png
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
bc6d4a7f8af2294f37abc61a41f3f2258ba0fe7c9a5f3b0946ff4bcd146e0d4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 02 May 2023 19:23:20 GMT
Server
nginx
ETag
"64516328-238e"
Content-Type
image/png
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9102
Expires
Tue, 06 Jun 2023 21:10:33 GMT
286608_thumb_202851_820_360_0_0_auto_new_80x50_0.jpg
static.espreso.tv/uploads/photobank/286000_287000/
3 KB
3 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/286000_287000/286608_thumb_202851_820_360_0_0_auto_new_80x50_0.jpg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
dde7015f09108415a0b0ebb440a2b82086c5cf09cbc4472c9756106e8a355548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 02 May 2023 19:34:54 GMT
Server
nginx
ETag
"645165de-c1e"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3102
Expires
Tue, 06 Jun 2023 21:10:33 GMT
email-decode.min.js
espreso.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
834 B
Script
General
Full URL
https://espreso.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:21:01 GMT
server
cloudflare
etag
W/"6476145d-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7d334ca73a291ac7-FRA
expires
Thu, 08 Jun 2023 20:10:33 GMT
rocket-loader.min.js
espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:21:01 GMT
server
cloudflare
etag
W/"6476145d-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7d334ca73a2d1ac7-FRA
expires
Thu, 08 Jun 2023 20:10:33 GMT
app.css
espreso.tv/css/client/ Frame C08A
336 KB
45 KB
Stylesheet
General
Full URL
https://espreso.tv/css/client/app.css?v=2.4
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9eb8e4ecd8363c9d7c919f35b9f9f4705f488879b6fc60a11bd59fb68bc4a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
age
1
cf-polished
origSize=344196
etag
W/"6465e1d9-54084"
front-end-https
on
vary
Accept-Encoding
content-type
text/css
cf-ray
7d334ca77a881ac7-FRA
build.js
espreso.tv/js/client/ Frame C08A
372 KB
91 KB
Script
General
Full URL
https://espreso.tv/js/client/build.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556b0db9d5b98828f8c1aefe61b57ae48b20ebe9435a9d38b9bef152b549c473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
age
1
cf-polished
origSize=380905
etag
W/"6465e1d9-5cfe9"
front-end-https
on
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7d334ca77a8e1ac7-FRA
logo-desktop.svg
espreso.tv/svg/ Frame C08A
6 KB
3 KB
Image
General
Full URL
https://espreso.tv/svg/logo-desktop.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20015e5c89df20fde3f6041e3fc15099a532f8a01e9f3d5b284775005937d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
1
etag
W/"5fd86fcf-175f"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca78a951ac7-FRA
mobile-logo.svg
espreso.tv/img/ Frame C08A
459 B
335 B
Image
General
Full URL
https://espreso.tv/img/mobile-logo.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c332dc32b71b15a5ca6dd172672a89f322415cad2542647456f9d72da5bb57d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
1
etag
W/"5fd86fcf-1cb"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca78a971ac7-FRA
Mariupol-Bold.ttf
espreso.tv/css/fonts/ Frame C08A
58 KB
58 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Bold.ttf
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27

Request headers

Referer
https://espreso.tv/streamonline
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-e6ec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca77a8f1ac7-FRA
content-length
59116
Mariupol-Regular.ttf
espreso.tv/css/fonts/ Frame C08A
59 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Regular.ttf
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8

Request headers

Referer
https://espreso.tv/streamonline
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-eaec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca78a901ac7-FRA
content-length
60140
GothamPro.ttf
espreso.tv/css/fonts/ Frame C08A
40 KB
40 KB
Font
General
Full URL
https://espreso.tv/css/fonts/GothamPro.ttf
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c

Request headers

Referer
https://espreso.tv/streamonline
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-9e10"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca78a931ac7-FRA
content-length
40464
Mariupol-Medium.ttf
espreso.tv/css/fonts/ Frame C08A
58 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Medium.ttf
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280

Request headers

Referer
https://espreso.tv/streamonline
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-e9ac"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca78a941ac7-FRA
content-length
59820
rocket-loader.min.js
espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame C08A
12 KB
4 KB
Script
General
Full URL
https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/streamonline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:21:01 GMT
server
cloudflare
etag
W/"6476145d-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7d334ca78a981ac7-FRA
expires
Thu, 08 Jun 2023 20:10:33 GMT
esplq.stream.mpd
media.espreso.tv/play/ Frame C08A
1 KB
2 KB
Media
General
Full URL
https://media.espreso.tv/play/esplq.stream.mpd
Requested by
Host: espreso.tv
URL: https://espreso.tv/streamonline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
dd8f00f4acd51491224dca8d88913e42c66fc72d50b54d7dd69f2c31d1ad1cf0

Request headers

Referer
https://espreso.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:30 GMT
Server
nginx/1.9.5
ETag
"647f92b6-5b0"
Content-Type
application/dash+xml
Access-Control-Allow-Origin
*
Content-Range
bytes 0-1455/1456
Connection
keep-alive
Content-Length
1456
bx_bxs-down-arrow.svg
espreso.tv/css/client/img/
786 B
555 B
Image
General
Full URL
https://espreso.tv/css/client/img/bx_bxs-down-arrow.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f9e3bf5329c277674a387af703da3ee8b93ab69f48b357cae8d80b70a472b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 19 Mar 2021 10:19:11 GMT
server
cloudflare
etag
W/"60547a9f-312"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca7baea1ac7-FRA
active_rubrikator.svg
espreso.tv/css/client/img/
636 B
451 B
Image
General
Full URL
https://espreso.tv/css/client/img/active_rubrikator.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9acfa47b8cc1cb4bd19f95c22cf2ec0d499d0f872b80aad7633372d11d2d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 19 Mar 2021 10:19:11 GMT
server
cloudflare
etag
W/"60547a9f-27c"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca7caec1ac7-FRA
play-icon.svg
espreso.tv/svg/
551 B
407 B
Image
General
Full URL
https://espreso.tv/svg/play-icon.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4681c6b5ce2f7549eec273f6e0c1aa7b6d50b4d5f5fecab2790b29bf2cb1976c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
W/"5fd86fcf-227"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca7caef1ac7-FRA
voute_arrow_white.svg
espreso.tv/img/
441 B
271 B
Image
General
Full URL
https://espreso.tv/img/voute_arrow_white.svg
Requested by
Host: espreso.tv
URL: https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5725950dfca860da5fde6d0cb442f094d47664536c7d60af28c4f336a0d1065e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/css/client/app.css?id=1ac96a0150ab76a1eddb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
etag
W/"5fd86fcf-1b9"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca7caf01ac7-FRA
dash.js
espreso.tv/player/ Frame C08A
394 KB
105 KB
Script
General
Full URL
https://espreso.tv/player/dash.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
749d0a767c884d4ec8fec2e388ebe7d75be8b1cad21dd811933d3ca8b5f6f047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/streamonline
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
cf-polished
origSize=403969
etag
W/"5fd86fcf-62a01"
front-end-https
on
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7d334ca81b4f1ac7-FRA
build.js
espreso.tv/js/client/
372 KB
91 KB
Script
General
Full URL
https://espreso.tv/js/client/build.js?id=8f77c3008236b71ee0c8
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556b0db9d5b98828f8c1aefe61b57ae48b20ebe9435a9d38b9bef152b549c473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Thu, 18 May 2023 08:29:13 GMT
server
cloudflare
cf-polished
origSize=380905
etag
W/"6465e1d9-5cfe9"
front-end-https
on
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7d334ca81b501ac7-FRA
media
a4p.adpartner.pro/
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=68&unit_id=7825
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
348fa7fa68c167dd972c12bdace54cdb173584508f194a9bd9bdd31ce07b44e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9947899611690155
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c189c713159314557cae8d298d85db5b5898a62b55cb5641856d2f67bc99c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47313
x-xss-protection
0
server
cafe
etag
7311774126388917781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 20:10:33 GMT
js
www.googletagmanager.com/gtag/
120 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-45979688-1
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e708de4d6b3b4b1691ab56aa50194b59ab53d25c28d3f6ecc6fb741f64a3637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47436
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 19:08:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 20:10:33 GMT
js
www.googletagmanager.com/gtag/
237 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Requested by
Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d32b94d1af8db20fbbffda740827746cca729dee3ff55b82bae6c124e232df57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83792
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 20:10:33 GMT
esplq.stream.mpd
media.espreso.tv/play/ Frame C08A
1 KB
2 KB
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream.mpd
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
dd8f00f4acd51491224dca8d88913e42c66fc72d50b54d7dd69f2c31d1ad1cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:30 GMT
Server
nginx/1.9.5
ETag
"647f92b6-5b0"
Content-Type
application/dash+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1456
gtm.js
www.googletagmanager.com/
148 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3JGJJ
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09c856c342f755b7ec8237882ba61e1eb5f5f1974e30ea390b49c8499ae0b0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56833
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 19:08:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 20:10:33 GMT
hb_737420_16895.js
player.adtcdn.com/prebidlink/468356/
920 B
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/468356/hb_737420_16895.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0b3fc826340dc04107752f1e04751f6d31b9f163170d748f58726b8c85429b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 12:02:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
613
etag
W/"6475e5c4-398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9VH1jcO2Kxl5ujX1lNA0iraYPvA8ZLbaYk8f%2BPuUDz80QrPvI3lB8z3kb0VRezLHlkUbIJ7pFRopE4ANfIrii4eOg8o5xlrY5vlDDZ4ckTo6kA4SG5WG7Wr%2FkMsi1pafFVrq8r6F7dlc9AwsdAhLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7d334ca928b79a18-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Jun 2023 20:15:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
75 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c57309e35b543a2b22cc7ff3b37dd9154ddb0f5a115a1da34d29ca733c4583e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25262
x-xss-protection
0
server
cafe
etag
487 / 19514 / m202306010101 / config-hash: 5032195517386799799
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 20:10:33 GMT
wrapper_hb_737420_16895.js
player.adtcdn.com/prebidlink/468356/
2 KB
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/468356/wrapper_hb_737420_16895.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc19dcb9321779626e6ba46e3442f880a20567aae479131c7903cabfad59679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 12:02:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
613
etag
W/"6475e5c4-701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b63RWptSalWKoxVpfQ6czDBOj%2BanM2i%2FcpTC%2FsruQOCCKsrg9JPhZ6VEoxtEYLjm4Ije0oYYOt7uOyyPtgBtss5tAc4Paf%2FcpQfMFVrNOGXDG6XiOCilR0Yx3EWPKgstqAqVF6%2BoXD1%2FkuqEmRLDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7d334ca928b99a18-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Jun 2023 20:15:19 GMT
xgemius.js
gaua.hit.gemius.pl/
64 KB
18 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
a8e6e3bae7ae349523b4fdbfc22654ca1db55fa81e928650dd0d8be49fc5d04d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
gzip
last-modified
Fri, 12 May 2023 12:38:55 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
18031
expires
Wed, 07 Jun 2023 08:10:33 GMT
htmlunit
a4p.adpartner.pro/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/htmlunit?id=757&0.7358398171581635
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
708e75d73d3a5ecab9ee2d1860a88fb2eaac217bf21716dcc991f4c8517294e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
htmlunit
a4p.adpartner.pro/
12 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/htmlunit?id=8883&0.8985324251710287
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
4fcdaf10bc628560c3fd06913fc8cb5f05f655300ba8315a7d4ef42906305786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
get_forms
espreso.tv/question/
73 B
1 KB
XHR
General
Full URL
https://espreso.tv/question/get_forms?16860822337532
Requested by
Host: espreso.tv
URL: https://espreso.tv/js/client/build.js?id=8f77c3008236b71ee0c8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.32
Resource Hash
eec43f4e547503dd4405a17d90c1efa320af4ee111207d409d04fda8870d4188

Request headers

X-CSRF-TOKEN
OFFeFJAanXSLJopgv67nfyAPI6GpjTjLGMOBt6IX
accept-language
de-DE,de;q=0.9
redaction_id
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://espreso.tv/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.32
front-end-https
on
content-type
application/json
cache-control
no-cache, private
cf-ray
7d334ca90ca81ac7-FRA
link
</css/client/app.css?v=2.4>; rel=preload; as=style, </js/client/build.js>; rel=preload; as=script, </svg/logo-desktop.svg>; rel=preload; as=image, </img/mobile-logo.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
px.gif
espreso.tv/img/
0
0

292308_kahovska-ges2_reuters_new_300x170_0.jpg
static.espreso.tv/uploads/photobank/292000_293000/
23 KB
23 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/292000_293000/292308_kahovska-ges2_reuters_new_300x170_0.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
b4b9db7142823621e50613babd5867d318bbea7701f15f76dab6d1a27a353abc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 15:50:56 GMT
Server
nginx
ETag
"647f55e0-5b8f"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23439
Expires
Tue, 06 Jun 2023 21:10:33 GMT
292320_vz2_president.gov.ua_new_300x170_0.jpg
static.espreso.tv/uploads/photobank/292000_293000/
16 KB
17 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/292000_293000/292320_vz2_president.gov.ua_new_300x170_0.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
693bfc170cf834207105a006cc75648cfe8bbd4ba652f0a7d4c1500a8ae659ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 06 Jun 2023 16:57:04 GMT
Server
nginx
ETag
"647f6560-41f0"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16880
Expires
Tue, 06 Jun 2023 21:10:33 GMT
242274_3_new_300x170_0.jpg
static.espreso.tv/uploads/photobank/242000_243000/
13 KB
13 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/242000_243000/242274_3_new_300x170_0.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
60b571b38d95ef9200c2631805b5eb12260d4f3c161d0e10cf2373c9112a964e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 02 May 2023 19:19:01 GMT
Server
nginx
ETag
"64516225-32dd"
Content-Type
image/jpeg
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13021
Expires
Tue, 06 Jun 2023 21:10:33 GMT
222830_popov-igor_rfe_new_300x170_0.png
static.espreso.tv/uploads/photobank/222000_223000/
61 KB
61 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/222000_223000/222830_popov-igor_rfe_new_300x170_0.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
f10371d5f6070a9d7d7d3b1f8c6b3e8b6f15f7c09036a7b8bf5d43d0793342bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Sun, 07 May 2023 15:33:52 GMT
Server
nginx
ETag
"6457c4e0-f46f"
Content-Type
image/png
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62575
Expires
Tue, 06 Jun 2023 21:10:33 GMT
202038_antoniuk_24tv_new_300x170_0.png
static.espreso.tv/uploads/photobank/202000_203000/
61 KB
61 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/202000_203000/202038_antoniuk_24tv_new_300x170_0.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
0e8102494840aee8c1a89b2c41af73d051d9de485722c58a6c83701feed69970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Sat, 06 May 2023 18:25:18 GMT
Server
nginx
ETag
"64569b8e-f33e"
Content-Type
image/png
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62270
Expires
Tue, 06 Jun 2023 21:10:33 GMT
181039_butusov_gordonua_new_300x170_0.png
static.espreso.tv/uploads/photobank/181000_182000/
64 KB
64 KB
Image
General
Full URL
https://static.espreso.tv/uploads/photobank/181000_182000/181039_butusov_gordonua_new_300x170_0.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
2-espresso.tv
Software
nginx /
Resource Hash
0d461c9905c05d0c17319e48e0c00ceed6645da61cad2363e8d93c6a5dfda8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
public
Date
Tue, 06 Jun 2023 20:10:33 GMT
Last-Modified
Tue, 02 May 2023 20:33:15 GMT
Server
nginx
ETag
"6451738b-ffce"
Content-Type
image/png
Cache-Control
max-age=3600, max-age=3600, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65486
Expires
Tue, 06 Jun 2023 21:10:33 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45979688-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 19:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3945
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 06 Jun 2023 21:04:48 GMT
media.min.js
a4p.adpartner.pro/apstc/
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.449
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=68&unit_id=7825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
68af52b37053d7a12a8776f8b8734fd8494f5d2650e957d464bbd0117abbb782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Wed, 19 Apr 2023 16:17:10 GMT
server
nginx
etag
W/"64401406-3ad8"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 8BDD
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=68&unit_id=7825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
date
Tue, 06 Jun 2023 20:10:34 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 8C4E
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7825&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=68&unit_id=7825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
f51a69d005a497b7352ae355c562c02465f50f7db4c1bff93390a017b7fef456

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 20:10:33 GMT
server
nginx
collect
region1.analytics.google.com/g/
0
250 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-93P3ZTPNK3&gtm=45je3650&_p=244157220&_gaz=1&cid=1770581484.1686082234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686082233&sct=1&seg=0&dl=https%3A%2F%2Fespreso.tv%2F&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D0%B3%D0%BB%D1%8F%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%3A%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%2C%20%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%B6%D1%96%2C%20%D0%B5%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%D0%B8%20%E1%90%88%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
250 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-93P3ZTPNK3&cid=1770581484.1686082234&gtm=45je3650&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-93P3ZTPNK3&cid=1770581484.1686082234&gtm=45je3650&aip=1&z=1724213251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htmlunit.min.js
a4p.adpartner.pro/apstc/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/htmlunit.min.js?v=1.1.449
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit?id=757&0.7358398171581635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
08b54658c816f1537466a8e674f3710ca6ea559af8af1a3d3e5b1de7579e96e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Wed, 19 Apr 2023 16:17:10 GMT
server
nginx
etag
W/"64401406-3317"
content-type
application/javascript
ls
a4p.adpartner.pro/htmlunit/ Frame BCE1
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/htmlunit/ls?htmlunit=757&bannerNum=93140950746865970&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit?id=757&0.7358398171581635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
bf0dd2c6497c3664840483b78bf81fb7ab83294d26b0c1f7c8ab0acaa4c131ee

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 20:10:33 GMT
server
nginx
script
a4p.adpartner.pro/tracker/
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/tracker/script?id=879
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
23c26adfb829857eaa2e7fd2990ba66a4d84db9b82cfe8f54e8bcb619ad4fc2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
pragma
no-cache
date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-cache, no-store, must-revalidate, no-store no-transform
content-encoding
br
server
nginx
expires
0
ls
a4p.adpartner.pro/htmlunit/ Frame 7778
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/htmlunit/ls?htmlunit=8883&bannerNum=74301727013603980&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit?id=8883&0.8985324251710287
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
ae68d0301b989714b3c0ab9ad5c9d216642c77a49b101b5652aa50b1e0c198bc

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 20:10:33 GMT
server
nginx
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/
351 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9947899611690155
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b693233dbdc13d7e593fcc0cc2e2b3666734bd7ac755fc524d87a89583006b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120652
x-xss-protection
0
server
cafe
etag
11700148424232596636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 20:10:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 53C7
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9947899611690155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 17:04:15 GMT
etag
15057649708203361565
expires
Tue, 20 Jun 2023 17:04:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logo-desktop.svg
espreso.tv/svg/
6 KB
3 KB
Image
General
Full URL
https://espreso.tv/svg/logo-desktop.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20015e5c89df20fde3f6041e3fc15099a532f8a01e9f3d5b284775005937d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
1
etag
W/"5fd86fcf-175f"
front-end-https
on
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
7d334ca9fdf51ac7-FRA
Mariupol-Bold.ttf
espreso.tv/css/fonts/
58 KB
58 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Bold.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-e6ec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca9fdf61ac7-FRA
content-length
59116
Mariupol-Regular.ttf
espreso.tv/css/fonts/
59 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Regular.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-eaec"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca9fdf81ac7-FRA
content-length
60140
GothamPro.ttf
espreso.tv/css/fonts/
40 KB
40 KB
Font
General
Full URL
https://espreso.tv/css/fonts/GothamPro.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-9e10"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca9fdfa1ac7-FRA
content-length
40464
Mariupol-Medium.ttf
espreso.tv/css/fonts/
58 KB
59 KB
Font
General
Full URL
https://espreso.tv/css/fonts/Mariupol-Medium.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Dec 2020 08:11:59 GMT
server
cloudflare
age
0
etag
"5fd86fcf-e9ac"
front-end-https
on
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d334ca9fdfb1ac7-FRA
content-length
59820
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
019a32d6afac3ff802afbaed91fd5f2f9f740d519f87d3e30fab3781bea96d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 20:10:33 GMT
content-md5
LD/ZloZUFbKFLEQHuZ+9YQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
NukmYcbcL+/DniSWcE/3pKFKSRxd8J8CxXgZXxW1lJppuTsgHANwG72oKLU/HWYJsar3I+1a/PuhxirUO/a+Ww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
aebe9dc56b87fc21fb99388d3298e1a0
cross-origin-opener-policy
same-origin-allow-popups
etag
"01079e849aa876791dd52cdee779bdc9"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 06 Jun 2023 20:23:34 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 20:10:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27549
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
V1NWQzM+VN0BBlQHjWWDhFZ+5VZZEvogt7xPah9pClMALQVzNERJgpfhIWwfSgzOyUqfbG3FioHgvrZjaYZvaw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
universal.js
static.mailerlite.com/js/
16 KB
5 KB
Script
General
Full URL
https://static.mailerlite.com/js/universal.js?v1686082
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c54f352ea99892fd8a91d5936bca218ac440055077a6730074e66c1954b81c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 10:58:26 GMT
server
cloudflare
age
4030
etag
W/"647f1152-4063"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=432000
cf-ray
7d334caa7e5f9016-FRA
expires
Sun, 11 Jun 2023 20:10:34 GMT
analytics.js
www.google-analytics.com/ Frame 8C4E
51 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7825&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 19:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3945
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 06 Jun 2023 21:04:48 GMT
media
a4p.adpartner.pro/ Frame 8C4E
1 KB
481 B
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7825&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7825&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
64b7f1eb1a4ade7faab29638b49afc9701d1fa3c37841dfaa58bf0af28b421dc

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7825&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
htmlunit
a4p.adpartner.pro/ Frame BCE1
769 B
477 B
XHR
General
Full URL
https://a4p.adpartner.pro/htmlunit?id=757&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=757&bannerNum=93140950746865970&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
7817d93712c03a57e19baf167a34089bacaaf201e426707f137661d24bb3c790

Request headers

Referer
https://a4p.adpartner.pro/htmlunit/ls?htmlunit=757&bannerNum=93140950746865970&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
hbp_master_737420_16895.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/
519 KB
165 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_737420_16895.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/468356/hb_737420_16895.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c9a2240830cf779802536aec45319fb95f3eb30cd09b893f34777cafab739570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 08 Jun 2023 20:10:34 GMT
date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2023 12:02:12 GMT
server
nginx
etag
W/"6475e5c4-81d9d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_737420_16895.js
player.adtelligent.com/prebidlink/MLnW1/
105 KB
35 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/MLnW1/hbw_master_737420_16895.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/468356/wrapper_hb_737420_16895.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b099204753a813b688a41d8ace3903b9ae81a9b24a71e1d912d3abf44359d9e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 08 Jun 2023 20:10:34 GMT
date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
last-modified
Tue, 30 May 2023 12:02:12 GMT
server
nginx
etag
W/"6475e5c4-1a362"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
htmlunit
a4p.adpartner.pro/ Frame 7778
2 KB
980 B
XHR
General
Full URL
https://a4p.adpartner.pro/htmlunit?id=8883&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=8883&bannerNum=74301727013603980&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
0a5c77b3fcba48f513af145ea004511ec1c0e300daffc984a11363921cbd238d

Request headers

Referer
https://a4p.adpartner.pro/htmlunit/ls?htmlunit=8883&bannerNum=74301727013603980&apuid=d498283b-b3ef-4ecc-8312-d73733fad61e&session_pageview=1&session_id=7f28775e-8996-4244-8ff7-e906c7a66ada&site_visited=1&location=https%3A%2F%2Fespreso.tv%2F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/
406 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3906
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128351
x-xss-protection
0
server
cafe
etag
10410007902637205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 05 Jun 2024 19:05:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
235 B
167 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=espreso.tv&ppc_eid=31075025
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdcac1e10788d93b26eed12185d13b3c2d6db8d45b30c0d0f351768096f361b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
expires
Tue, 06 Jun 2023 20:10:34 GMT
event
a4p.adpartner.pro/tracker/ Frame FEF9
2 KB
975 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/event?apuid=d498283b-b3ef-4ecc-8312-d73733fad61e
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/tracker/script?id=879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
06e6a17abebe37dac4aeaf99e96e8ecd9b89abbc0c68f9a775593cfc2d3502f3

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 20:10:33 GMT
server
nginx
fpdata.js
gaua.hit.gemius.pl/
279 B
394 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=espreso.tv
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
61eeb0302088373740e373417021bfef52f8fcc822613c0da98d16a1c4f01e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:33 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
279
expires
Thu, 06 Jul 2023 20:10:33 GMT
lsget.html
ls.hit.gemius.pl/ Frame 038B
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
ade3492d175b9d52b78af3ec7abd2abc2d73227a13d507cf87272b29093d93d7

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2715
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
etag
PRIVATE7520710249
expires
Thu, 06 Jul 2023 20:10:34 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=244157220&t=pageview&_s=1&dl=https%3A%2F%2Fespreso.tv%2F&ul=en-us&de=UTF-8&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D0%B3%D0%BB%D1%8F%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%3A%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%2C%20%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%B6%D1%96%2C%20%D0%B5%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%D0%B8%20%E1%90%88%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=77659429&gjid=1288065830&cid=1770581484.1686082234&tid=UA-45979688-1&_gid=1498030082.1686082234&_r=1&gtm=457e3650&jsscut=1&z=293987403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://espreso.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-45979688-2&cid=1770581484.1686082234&jid=648579462&gjid=1186466995&_gid=1498030082.1686082234&_u=YCDAgUABAAAAAGAAI~&z=1664229893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://espreso.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=244157220&t=pageview&_s=1&dl=https%3A%2F%2Fespreso.tv%2F&ul=en-us&de=UTF-8&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D0%B3%D0%BB%D1%8F%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%3A%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%2C%20%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%B6%D1%96%2C%20%D0%B5%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%D0%B8%20%E1%90%88%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=648579462&gjid=1186466995&cid=1770581484.1686082234&tid=UA-45979688-2&_gid=1498030082.1686082234&gtm=45He3650n71M3JGJJ&z=1264082204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 12:21:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28147
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
esplq.stream-init.m4v
media.espreso.tv/play/ Frame C08A
663 B
947 B
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream-init.m4v
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
c44416823250e3eae2a3430ab020547f9d592cc719430f69134217f0e766d0e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:34 GMT
Last-Modified
Wed, 17 May 2023 22:36:57 GMT
Server
nginx/1.9.5
ETag
"64655709-297"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
663
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0ff19aa21632faf1f66da6fcc95e98c0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cec2770f0a488a198c81a69ddb7ea41d43e9345c03673f6475fd8bcd3a0e1830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://espreso.tv/
Origin
https://espreso.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 20:10:34 GMT
content-md5
5lr8sbnVWIZR1ToVi0KEkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88647
x-fb-rlafr
0
x-fb-debug
6gW4gs1iu7CAYVeuUgUQa/aapuPujnqbs7jU6tkvQrOqFTp6NsDaRMp/6h5rTUwLbQpeVpd89RDz1uLXy+/SZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
65c874a3b93e32d085074631b2eaca43
cross-origin-opener-policy
same-origin-allow-popups
etag
"00b8f464131c2a8596a9b69ad5c8cac5"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 05 Jun 2024 15:34:58 GMT
359434224743688
connect.facebook.net/signals/config/
300 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/359434224743688?v=2.9.106&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b79e0d5c31556f29a4294ba44d827c04d9ae59062c6e7e7c622d546c063003a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 20:10:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87968
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8ML2A8xvDTRfsgWq+AGTRSu1WyfH5l/03ky7OHoWCCfdxBZj0UgRIL1gUu/gSmoHn5RoP32RjeVOF+jmGIuDdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-45979688-1&cid=1770581484.1686082234&jid=77659429&gjid=1288065830&_gid=1498030082.1686082234&_u=YADAAUAAAAAAACAAI~&z=1546964092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://espreso.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-45979688-2&cid=1770581484.1686082234&jid=648579462&_u=YCDAgUABAAAAAGAAI~&z=390223973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-45979688-2&cid=1770581484.1686082234&jid=648579462&_u=YCDAgUABAAAAAGAAI~&z=390223973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BANNER_300x250_22%20(1).jpg
file.adpartner.pro/3290/3290922/
48 KB
48 KB
Image
General
Full URL
https://file.adpartner.pro/3290/3290922/BANNER_300x250_22%20(1).jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
b02a57572acf7916be727f897ef9994f517a9b4313b05808877f02af6ea94d4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
last-modified
Mon, 29 May 2023 10:59:02 GMT
server
nginx
etag
"64748576-bed0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
48848
universal.css
static.mailerlite.com/css/
782 B
447 B
Stylesheet
General
Full URL
https://static.mailerlite.com/css/universal.css?v4
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1686082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 10:58:17 GMT
server
cloudflare
age
4146
etag
W/"647f1149-30e"
vary
Accept-Encoding
content-type
text/css
content-encoding
br
cache-control
public, max-age=432000
cf-ray
7d334cab1ee09016-FRA
expires
Sun, 11 Jun 2023 20:10:34 GMT
x3k4x7l0b0_popups.js
static.mailerlite.com/data/a/1888/1888108/universal/
5 KB
2 KB
Script
General
Full URL
https://static.mailerlite.com/data/a/1888/1888108/universal/x3k4x7l0b0_popups.js?v=1686082234
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1686082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6bcf3fa177b83729e75d33eb2424d860e06457a16e60cba9fc6654cd9834f0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 04 Mar 2023 06:35:16 GMT
server
cloudflare
content-encoding
br
etag
W/"6402e6a4-145d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
cf-ray
7d334cab1ee29016-FRA
expires
Sun, 11 Jun 2023 20:10:34 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-45979688-1&cid=1770581484.1686082234&jid=77659429&_u=YADAAUAAAAAAACAAI~&z=968591330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-45979688-1&cid=1770581484.1686082234&jid=77659429&_u=YADAAUAAAAAAACAAI~&z=968591330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
if
a4p.adpartner.pro/tracker/ Frame DA03
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A757%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame B01A
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
0
pragma
no-cache
server
nginx
event
a4p.adpartner.pro/tracker/ Frame 5B2A
2 KB
958 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
40266b53cbdb75d09f7c33557ee9c8d8c52e331fcb6700aaf10333b45c4f0378

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://espreso.tv
Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 20:10:34 GMT
server
nginx
cookie.js
partner.googleadservices.com/gampad/
387 B
600 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=espreso.tv&callback=_gfp_s_&client=ca-pub-9947899611690155
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2f272efd5979631ea1b8c38e9b4157f6710b70d7a4ecb869201d89b2b99072a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=espreso.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=espreso.tv
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C079
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9947899611690155&output=html&adk=1812271804&adf=3025194257&lmt=1686082222&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fespreso.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686082233841&bpp=3&bdt=418&idt=267&shv=r20230531&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1719541547130&frm=20&pv=2&ga_vid=1770581484.1686082234&ga_sid=1686082234&ga_hid=244157220&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44792109%2C44759875%2C44759926%2C31075067%2C44788441&oid=2&pvsid=4243143396191436&tmod=2070928439&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
Tue, 06 Jun 2023 20:10:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
810c43ace2a4da7679bcdf875af0147a1ab828951bbe48fc6613e24e40001b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11263
x-xss-protection
0
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=359434224743688&ev=PageView&dl=https%3A%2F%2Fespreso.tv%2F&rl=&if=false&ts=1686082234143&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1686082234142.30230584&it=1686082234030&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Jun 2023 20:10:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
esplq.stream-1719158840.m4v
media.espreso.tv/play/ Frame C08A
138 KB
138 KB
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream-1719158840.m4v
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
08484b55b28b2cc3caacad297c0a17410b27f36efcb58b2075ebf2a82ae55068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:34 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:10 GMT
Server
nginx/1.9.5
ETag
"647f92a2-22799"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141209
config.json
player.adtelligent.com/exchange_rates/736438/
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/736438/config.json?cb=https%3A%2F%2Fespreso.tv%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_737420_16895.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8856454ffb4dcda2cc2f095556be7c9f3cb4ca669254723f2e74fab89e933016

Request headers

Referer
https://espreso.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 08 Jun 2023 20:10:34 GMT
date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
last-modified
Sun, 04 Jun 2023 12:02:24 GMT
server
nginx
etag
W/"647c7d50-850"
content-type
application/json
access-control-allow-origin
https://espreso.tv
cache-control
max-age=172800
x-proxy-cache
HIT
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Jun 2023 20:10:34 GMT
if
a4p.adpartner.pro/tracker/ Frame E4AE
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A7825%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
0
pragma
no-cache
server
nginx
rexdot.js
gaua.hit.gemius.pl/__/_1686082234236/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespreso...
  • https://gaua.hit.gemius.pl/__/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespr...
169 B
422 B
Script
General
Full URL
https://gaua.hit.gemius.pl/__/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespreso.tv%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.hknJbr5FJ8BM1EoeyD4iPktb8tEisXu_wRQv8L4KBf.M7WwnPIRyWwDrhqMyahAk605m_57DDa_2jrM7AziXMTfhjf2/sDVGi6yb5AlhB/&fpdata=98LLrp8YF067Bf2y3BN8tiwIW0IpE_LGsychkE06vBn.p7&ltime=268&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647f92b9398bb1ab&brts=1686082234&fpcap=
Protocol
H2
Server
51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
105b7e4b39bec5a178cff93e752571ef5c60f37a9c4a6b3245afaaa480e9bddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Mon, 05 Jun 2023 20:10:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1686082234236/rexdot.js?l=100&sendf=24&id=d61KuEcWTzv7RDf6B0jiIscQ.GOwYhfzh6San4D1SZz.X7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fespreso.tv%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.hknJbr5FJ8BM1EoeyD4iPktb8tEisXu_wRQv8L4KBf.M7WwnPIRyWwDrhqMyahAk605m_57DDa_2jrM7AziXMTfhjf2/sDVGi6yb5AlhB/&fpdata=98LLrp8YF067Bf2y3BN8tiwIW0IpE_LGsychkE06vBn.p7&ltime=268&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647f92b9398bb1ab&brts=1686082234&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 05 Jun 2023 20:10:34 GMT
/
ghb.adtelligent.com/geo/
143 B
409 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/MLnW1/hbw_master_737420_16895.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
98aaf09c878a86de01ecd735bd6c35be3511b11f35687aea20c32169817254a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:33 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://espreso.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
143
tracking
ghb.adtelligent.com/adunit/
43 B
427 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=737420&site_id=16895&pbjsv=v7.37.1&full_page_url=https%3A%2F%2Fespreso.tv%2F&adid=kptu8n.l5&features=81952&vpbv=A148&tte=535&lifecycle_tte=1242
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/MLnW1/hbw_master_737420_16895.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:33 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://espreso.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9947899611690155&plah=espreso.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 20:10:34 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1500212996695846&ev=fb_page_view&dl=https%3A%2F%2Fespreso.tv%2F&rl=&if=false&ts=1686082234250&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Jun 2023 20:10:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A7D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 19:12:53 GMT
expires
Wed, 05 Jun 2024 19:12:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D24
783 B
970 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06dd49fd2d364adac0f15158742fcbc95c0792143106cde76815e5df47f1c244
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G62eorz72hi9V5ZC7qzbRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-G62eorz72hi9V5ZC7qzbRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
Tue, 06 Jun 2023 20:10:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame 745F
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=espreso.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
server
Kestrel
server-processing-duration-in-ticks
319457
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
pagead2.googlesyndication.com/bg/ Frame 5A7D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 12:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
287551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14484
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 12:18:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D24
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=4243143396191436&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

esplq.stream-1719168840.m4v
media.espreso.tv/play/ Frame C08A
132 KB
132 KB
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream-1719168840.m4v
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
cd9b1428153e3f19d0941979051234530e6ad72b9037272175769f8a1d942f0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:34 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:20 GMT
Server
nginx/1.9.5
ETag
"647f92ac-20e43"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
134723
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=espreso.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=espreso.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
117 KB
39 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4243143396191436&correlator=3715368235950589&eid=31075025%2C31075066%2C31070232&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=22839168926%2Cespreso.tv_300x250_mob&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=2&adks=2634113310&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dbf8e1d43e371e35b-227f864607de0059%3AT%3D1686082234%3ART%3D1686082234%3AS%3DALNI_MZN3x4_x2v5oO1G3Yy_YYT9wk2ihw&gpic=UID%3D00000c4441254dd9%3AT%3D1686082234%3ART%3D1686082234%3AS%3DALNI_MaA8JH3XXY0GTD9hJqQ6bwDbgNgtg&abxe=1&dt=1686082234431&lmt=1686082222&dlt=1686082233423&idt=624&adxs=1186&adys=2461&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fespreso.tv%2F&frm=20&vis=1&psz=319x250&msz=319x250&fws=4&ohw=375&ga_vid=1770581484.1686082234&ga_sid=1686082234&ga_hid=244157220&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGOvO1JKJMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39d71dbd3d63f1c4c5256a25c8fc39248e4a6982103c086da515a5f14ce5b741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39986
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://espreso.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7598
6 KB
3 KB
Document
General
Full URL
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
Wed, 05 Jun 2024 20:10:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esplq.stream-1719178840.m4v
media.espreso.tv/play/ Frame C08A
125 KB
125 KB
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream-1719178840.m4v
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
35e5db2f791667f7a628215a93f8beba684271212019170432908c5c6ea1e575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:34 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:30 GMT
Server
nginx/1.9.5
ETag
"647f92b6-1f3c3"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127939
sid
mug.criteo.com/ Frame 745F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=espreso.tv&sn=ChromeSyncframe&so=0&topUrl=espreso.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nlqqzXxERTJLUXdZdm8yVnFDL0cyK2gvUllYbVpZN0M3WGFqS2QxOTJZQndBRktKcUh4dVFXWEEwWFdzVzQ0KzkyZ2x2UkR2eEdwYzlKd0xkUE5pb3BFQ2s2OXlFQWZUZGpWeHhjenpSU003OTVkUDI5ZXVjTHFLd2lJQ2...
422 B
650 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=nlqqzXxERTJLUXdZdm8yVnFDL0cyK2gvUllYbVpZN0M3WGFqS2QxOTJZQndBRktKcUh4dVFXWEEwWFdzVzQ0KzkyZ2x2UkR2eEdwYzlKd0xkUE5pb3BFQ2s2OXlFQWZUZGpWeHhjenpSU003OTVkUDI5ZXVjTHFLd2lJQ2tnV0VuSmFtSkx4azh0VkNtSmlsTE9RQzFFaVY1RW8xU3JkQjBwZHByejN2eWdRbDBDSGxEb1h3Y0E1TVVaUnA5dWtEZWdtT0xNNlJhbXFiZ3JJNllKWTRBMVdkUjlpS3o3czRtbElpUjM2RGJ2S2hwaXVKMm9RV3FOcjdLMkVRdjM2c1RxVFZKQjViWk9ZYytwWGVJSDQ5R3RJRGM4QT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f73bbc9c7d785f3be4218a9119a699905d2780be9a65a264a7558705ead5c05f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4211856
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nlqqzXxERTJLUXdZdm8yVnFDL0cyK2gvUllYbVpZN0M3WGFqS2QxOTJZQndBRktKcUh4dVFXWEEwWFdzVzQ0KzkyZ2x2UkR2eEdwYzlKd0xkUE5pb3BFQ2s2OXlFQWZUZGpWeHhjenpSU003OTVkUDI5ZXVjTHFLd2lJQ2tnV0VuSmFtSkx4azh0VkNtSmlsTE9RQzFFaVY1RW8xU3JkQjBwZHByejN2eWdRbDBDSGxEb1h3Y0E1TVVaUnA5dWtEZWdtT0xNNlJhbXFiZ3JJNllKWTRBMVdkUjlpS3o3czRtbElpUjM2RGJ2S2hwaXVKMm9RV3FOcjdLMkVRdjM2c1RxVFZKQjViWk9ZYytwWGVJSDQ5R3RJRGM4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
325602
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame 5A7D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?vPU65g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/ Frame 8923
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://espreso.tv
Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://espreso.tv
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
container.html
935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 51CF
6 KB
3 KB
Document
General
Full URL
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://espreso.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 20:10:34 GMT
expires
Wed, 05 Jun 2024 20:10:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 51CF
2 KB
975 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 18:25:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 20:10:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 51CF
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
29102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 12:05:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 51CF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjlZDupJ_ZIXNHZSvxgKX7IrICcSv2IVw_vGt578Rq5i75ucSEAEgnbLRlwFglcqTgqAHoAG16p76A8gBCakCa5nSKhz-sT7gAgCoAwHIA8sEqgSSAk_QgsTmdJwzOICWO74JRjgNCVe7NqbtmsuprRY_IXRrwV0ugZTvgrD7dYDY5zxXmc9SHalLF-pvWtWNDIgaCn6Ps59wfAF4CSroG-R5eRhGOyzEHVZUiNK4XpIejbAJ1l91a2okcDAGguJtM3IaD4hnBSPTvel_XA1w0lqg6PqlgnIJ5RgiW4zZfA7nj61fCBSViA0BF-ATgEPJAatZTxYAmda_w2jo2VPw6FXf6lmFr4H6hR2v03AraY2s8EqI2N1P9Jn1qs_0jp6jwtybE7eMQNFzcMUcPYcJF0YiiMAvxRPQUb9X-AkDEGMIzXbL5gy0dhxojiHvGiLlPqVtudnGfit4KGjs5tId8shNCjWa73nABOXHir-hBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAezleEFqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPPhA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwvQFQGYFgGAFwGyFx8KHQgAEhRwdWItOTk0Nzg5OTYxMTY5MDE1NRjwpo0B&sigh=lm70eTUEt_0&uach_m=[UACH]&cid=CAQSPABygQiDEnhiHj5r7KSuihx3tpma9nSZW_JTyZIK8iphCr5sKEoQRTDHzYIUoZGRKYLUyovMQ3J08kkY0hgB&template_id=494
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 51CF
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
29102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 12:05:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 51CF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:13:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
10608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 17:13:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ADEF
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 18:15:11 GMT
etag
48472445140208031
expires
Wed, 07 Jun 2023 18:15:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 51CF
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 12:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
29102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Jun 2023 12:05:32 GMT
l
www.google.com/ads/measurement/ Frame 51CF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSDEOTa5qh_YvJlsE_pybMFiU3SUCSa0TPMqdOxEnNUGKzjv4HuI3s8JRXRUTvRsk09LF3OPQLvHU4u-w0Y5Tvv-K1Tw
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51CF
173 KB
55 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 20:10:34 GMT
a0f85236eb26cc0778ab5a91ae2d3422.js
www.gstatic.com/mysidia/ Frame 51CF
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 21:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13674
x-xss-protection
0
last-modified
Wed, 31 May 2023 03:45:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 21:12:58 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 51CF
36 KB
36 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT8BNsKSeU4YvIMgv_dZfDgkQj4Oq4wk5y78cYNok13yHO7b0JhIsvWhR7_Rg&usqp=CAI
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f5245ad8b1176ac7508e97114a4460a7b64e98aea8b02ff4bd50c58f082b6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 15:21:39 GMT
x-content-type-options
nosniff
age
276535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36406
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 10:02:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 02 Jun 2024 15:21:39 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 51CF
27 KB
27 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcToHLp0ztpHboK1aHElRH60fJZGzv77Pm-m0QKqTLgUR1Zo43JuUlvL7B-ePg&usqp=CAI
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56c8d5fd753be920879aeed7a707a7cf38e520779c0a13f3f228666b6541b777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 11:55:08 GMT
x-content-type-options
nosniff
age
29726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27708
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:04:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 05 Jun 2024 11:55:08 GMT
17372476489928444632
tpc.googlesyndication.com/simgad/ Frame 51CF
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODMtO_EIRCsAhisAjIICBf7at22T3k
  • https://tpc.googlesyndication.com/simgad/17372476489928444632
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17372476489928444632
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af00d9da7303b6d985638c20c93f09b3be27a7d3d85335ca7dc8e051d1877f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 08:58:47 GMT
x-content-type-options
nosniff
age
40307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 08:41:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Jun 2024 08:58:47 GMT

Redirect headers

date
Tue, 06 Jun 2023 08:58:47 GMT
x-content-type-options
nosniff
server
cafe
age
40307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/17372476489928444632
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 06 Jul 2023 08:58:47 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame ADEF
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECPPjyEXZWZzCgfzVwLX7ys&google_cver=1&google_push=ATf1kGMxKSShJ5cZBeaNlt27z3ww09Lin2KeypPLgcGKIqENckVcDm-xw8-Gkuo_O6R86w9NrLAld8F9PvsPw2jzoJSxWXSzsxM
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame ADEF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENHjiqmKvnXovhSsxpn0FU&google_cver=1&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENHjiqmKvnXovhSsxpn0FU&google_cver=1&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwOTI3Njg0NzUyOTIyNTY2Mw&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwOTI3Njg0NzUyOTIyNTY2Mw&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0yRGZM-ypSxN_Juyziabj
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwOTI3Njg0NzUyOTIyNTY2Mw&google_push=ATf1kGPiMxdhQJ0pc9d52qI_4zP4z3ujZuvnJKu6YpjSG2QT58-XbEQb-Jq2wHd8qE1RNC-z4f65H0j0yRGZM-ypSxN_Juyziabj
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame ADEF
43 B
245 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOhT_DIinH-_Sehu3KXxebg&google_cver=1&google_push=ATf1kGOgTjX06iUP2aCqx-h5E1OEjspGf8hcG0QqU3RTSfXwYvTzUH9G34hYXuPxpa-DlpycsKx2gq9NH1vknKY_HZ-6FwMmClk
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame ADEF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gNvhQm6FRTi2S6BxCjdDFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gNvhQm6FRTi2S6BxCjdDFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNjpfVJOPZV0Mgbqg6qMYJ0Zcf4LCYQEAdHtynzcCN225J2oIRMR8ncDM6OoSyMkF51VJeBqEjCF3PFWzYVzO_dQzwIMa_C
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gNvhQm6FRTi2S6BxCjdDFA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNjpfVJOPZV0Mgbqg6qMYJ0Zcf4LCYQEAdHtynzcCN225J2oIRMR8ncDM6OoSyMkF51VJeBqEjCF3PFWzYVzO_dQzwIMa_C
date
Tue, 06 Jun 2023 20:10:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame ADEF
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJTUpya12b1XVAAhnKhEaxY&google_cver=1&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJTUpya12b1XVAAhnKhEaxY&google_cver=1&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HzUCMVmfQ3GbxzeBCoIyVQ&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HzUCMVmfQ3GbxzeBCoIyVQ&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8aWJpae
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=HzUCMVmfQ3GbxzeBCoIyVQ&google_push=ATf1kGNalhr8bICVY0L463ONQ1OZm8pFcwZiNevhtV-_-_Lveq6NmTS094_0TvSlbuyieOv0x0Ndts-RBdYI2EN4TGn5n8aWJpae
access-control-allow-origin
*
date
Tue, 06 Jun 2023 20:10:35 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame ADEF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-81e4d180-bab4-47bc-a10c-bc8f8e4fbaba-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMIGyu_Bwix5PPNuP2N8...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&google_hm=BYHk0YC6tEe8oQy8j45Puro
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&google_hm=BYHk0YC6tEe8oQy8j45Puro
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMIGyu_Bwix5PPNuP2N89cKEv6lo0ieSW6p4ADnugMzyDjygAvF_7mfxPot0jkLymuHPy7NO_sC6pzafArW_aAKeu5wbFDN&google_hm=BYHk0YC6tEe8oQy8j45Puro
Date
Tue, 06 Jun 2023 20:10:36 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX81e4d180bab447bca10cbc8f8e4fbaba005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pixel
cm.g.doubleclick.net/ Frame ADEF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h6...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESECQBO2JTe9tomoz8Z5kLhUU%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAwOTY5NTczMjE4NjMzNzgxMA%3D%3D&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQ...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAwOTY5NTczMjE4NjMzNzgxMA%3D%3D&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQjiJa4Y__frarT3gpPqIRybz5R9NjTgocPIZvS57jhFZir94SIj_3fIu3HuwWgf3XtX
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 20:10:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Jun 2023 20:10:35 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6d6f9b7b-25b1-4bd7-ba42-97789d4d79fd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAwOTY5NTczMjE4NjMzNzgxMA%3D%3D&google_gid=CAESECQBO2JTe9tomoz8Z5kLhUU&google_cver=1&google_push=ATf1kGNYXCZRHB8h60xTxmV5i2LENhSBjQjiJa4Y__frarT3gpPqIRybz5R9NjTgocPIZvS57jhFZir94SIj_3fIu3HuwWgf3XtX
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ADEF
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgaJk14GNwNzZvCZRk6yuG0CdGPlfDTEZ3VURVLHAQodaOy8QbzDSVkgcFL9ThFVdp_1-nOA
Requested by
Host: 935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
URL: https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 20:10:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 51CF
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ca2dd1592279da753203bd58f3d5433d4acd4be224e76df042e9a0d43034316

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 51CF
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 16:40:42 GMT
x-content-type-options
nosniff
age
271793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 16:40:42 GMT
Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
pagead2.googlesyndication.com/bg/ Frame 6A78
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Requested by
Host: espreso.tv
URL: https://espreso.tv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 12:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
287552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14484
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jun 2024 12:18:03 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=4243143396191436&bg=!Pj2lPWnNAAY9J7QfHSc7ADkAdvg8WrEABMZ3w7vi9OfPRLPahKn9GVsq9SUcf9PyAV-rBVLpMY5h5k8RNXWcyLhbuAyXPFbtJRsCAAAAZFIAAAACaAEHCgDHk3MOgGs-w8UBy2r3R6Tt6-oLCFI3m4JO-jO0GsPpqD9XpLnErAc8IF_db5A7TpBe9l0dZrXIoa-cz2PkngrMyzJy6VuGnuy3wWbLSUd4xV4p9OGHbOWcfY5MzTdMXMMNHuQvWq_wQSisVLmq6JFcfg98zQBcwCyEjOUZmE1eOgx6_jmMVcWuweXek9x6wLUAyhd7BuZee6dilxSMrDLaODnZnc4mR-TgU-xxhF_kNCFW6HDvK55rw387aUQu1_O_H--uqSDml5kCv8xI6re2CELZQkJa-PiDJkzjFuAB1Pegnnb56cwQpC7tKHZmf07SYrZSq0OitCkXrbnLTc8H0LGsOUv23dZ2k0Vo8bxOafLRLmwoN_DJUYTAyOPqDdvFLfoltx5owFDCFFlkv68X3mOLDG-Iq58YOkeGCe_cwTsLHXZFowlFFcf1B1Ftn7aXQqrFh-b3QjZTcPd9QlIdY1vuo7vofhEAO3F-PEHn2dMj6ylfHeLAckEeSsIhgVAGRbwK3VyY9lXjVQVuF-lNoNdaRTOkmKuXLo_1sG2tVobEvUOHb2TyAloy-RPuQmJUG8Mrd-pLOra3sOWYmpMfazFPDzwQykjKj5qUJ7PpFRRcqYqFILMYtHXunZTNMFNPhb4ol25BpANZKkdn_g8GTinthWKTmaidICLcc0A4YlH5xLs6wHNvZdi_sK_LpTgN9o7mPH3PxYhW0L3zRvzsdrIW0mjKNez4sfwkf50cr9gMXMGxINqygcbmlqx4IUJs2E3MfDfqzPE4eyDlLNxjeF97bnjxoRMsKPjbB_7Rf3Bm6GUx61IjR4LZMEb2F9yzCkkFSxHwo_AVSlx6rTa0Ewb3lrKchFsc69wSYkXOT02CqizybpJbi5Ah5fmfipeaZmqMohVxlGd8lTTrX6qbNld_QdoeMVFE62V1Y11GWfkPIlg6srGZ2jDiCuG6P54z-yA8EFZbA4Wr3Ii4faODg29c3XJYdhvu_LE2onjQKlizSxB0wl7scTTxTmZdnYZ0KnalK8gG0UWhsZDsabZfhvXralZQanR81bHOL331-rlQhNyRh5-l8Bs-fuLhdtKUDPkS1pgcSze_-9BL9fu_mMzTyEete-_J8C6NBLAYWjkmMe70rj9Xewv0F8awCPnoZTjKgyvnkwCJPI6VwhOMv-n3pUWhxQWIT8Zkl8XSpejjKaXNzjdmiac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

if
a4p.adpartner.pro/tracker/ Frame 6891
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522vb_iab1%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 06 Jun 2023 20:10:35 GMT
expires
0
pragma
no-cache
server
nginx
multitracking
ghb.adtelligent.com/adunit/
0
221 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/MLnW1/hbw_master_737420_16895.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://espreso.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://espreso.tv
Date
Tue, 06 Jun 2023 20:10:34 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
if
a4p.adpartner.pro/tracker/ Frame B970
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d498283b-b3ef-4ecc-8312-d73733fad61e%2522%252C%2522event%2522%253A%2522vb_iab2%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A3290922%252C%2522rule_id%2522%253A246161%252C%2522show_id%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%257D%255D%252C%2522unit_id%2522%253A8883%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25220d8b711d-8bd9-4c4a-bffd-c70a6c80c3d1%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252F%2522%257D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Tue, 06 Jun 2023 20:10:36 GMT
expires
0
pragma
no-cache
server
nginx
esplq.stream.mpd
media.espreso.tv/play/ Frame C08A
1 KB
2 KB
XHR
General
Full URL
https://media.espreso.tv/play/esplq.stream.mpd
Requested by
Host: espreso.tv
URL: https://espreso.tv/player/dash.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.66.93 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
media.espreso.tv
Software
nginx/1.9.5 /
Resource Hash
dd8f00f4acd51491224dca8d88913e42c66fc72d50b54d7dd69f2c31d1ad1cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://espreso.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 20:10:39 GMT
Last-Modified
Tue, 06 Jun 2023 20:10:30 GMT
Server
nginx/1.9.5
ETag
"647f92b6-5b0"
Content-Type
application/dash+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1456

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
espreso.tv
URL
https://espreso.tv/img/px.gif

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfQR boolean| checkMobile function| gtag object| dataLayer boolean| is_lighthouse object| googletag object| vmpbjs object| vpb string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| head object| script function| $ function| jQuery function| Sly function| Viewer function| PhotoSwipe function| PhotoSwipeUI_Default function| LazyLoad function| setCookie function| getCookie boolean| __cfRLUnblockHandlers function| loadForms object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady string| scr object| div object| x number| len undefined| newScript object| APC object| adexOpt number| loadingMedia object| adPartnerMediaAd object| place object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| gaGlobal object| jHtmlManager function| getSessionData number| bannerNum object| onMainScriptLoad object| loadAdpartnerHtmlUnit object| adexQ object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| fbAsyncInit function| fbq function| _fbq function| ml_account string| MailerLiteObject function| ml function| adpartnerMedia function| adpartnerHTMLUnit object| apConversionTracker object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| gaplugins object| gaData object| onMainScriptLoad7825 object| FB object| banner757_93140950746865970 object| banner8883_74301727013603980 number| k object| ml_storage function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| vmpbjsChunk object| ADAGIO object| mnet string| nobidVersion object| nobid object| banner7825 object| __buffer object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| google_image_requests

35 Cookies

Domain/Path Name / Value
.espreso.tv/ Name: __cf_bm
Value: HZwDHXSkQHzMv2YNB_GYYm.4gm8fjs8PEKcn_mCItBA-1686082233-0-AU0WJiubaW1e4ulPlhQDDP+vvl5C9zeM2KdC/60a+PvDSzIHIwLi7jWhJ4hy6nXXKuq0Rqv+h8c7uzwEYZNws7M=
espreso.tv/ Name: uuid
Value: b2f40caf-f470-486e-bd0a-707150566d76
espreso.tv/ Name: session_id
Value: 7f28775e-8996-4244-8ff7-e906c7a66ada
espreso.tv/ Name: session_pageview
Value: 1686082234.1
espreso.tv/ Name: site_visited
Value: 1686168634.1
espreso.tv/ Name: lapuid
Value: d498283b-b3ef-4ecc-8312-d73733fad61e
.espreso.tv/ Name: _ga_93P3ZTPNK3
Value: GS1.1.1686082233.1.0.1686082233.60.0.0
espreso.tv/ Name: XSRF-TOKEN
Value: eyJpdiI6IjV5RFlPUVpYXC9QVW1keFwvQjA0MzJWdz09IiwidmFsdWUiOiJPTVIyZFl3Mm1RT3dRaVFLUmVVaGlhbVlaRFgyNHQySTA4Y3NsZ3Iyc2puRFNKK1ZmdWpWQnZhaUtVU3pLTm1DIiwibWFjIjoiZTgwZDdjMGY4N2M1N2U2NmZjZjVjZGFhZTZmNzZmNWJhNDFmZTgzMDA3NDA5M2Q5YTg1OWUxNmM3MTc3MTQwOSJ9
espreso.tv/ Name: espresotv_session
Value: eyJpdiI6Illsd0Vnb2NoUytQeHJHMU9tXC9hYzF3PT0iLCJ2YWx1ZSI6ImZvZ0tlNDdmejEyRFRSN3J1NmQwRU5qWThQWjRHZFRJYk1vUUJcL09uMkt5WldIcW5HbFU4dEdZMDdQSGREZzNyIiwibWFjIjoiZTZiZmZmZDI1ZGRkNzNjMjhkZDNjODIzNDc1MDJjOWQzYTUzYWIwMjFlZDllMjcxOGVmMGI0NWQ0MGU3MTE5NiJ9
a4p.adpartner.pro/ Name: apuid
Value: d498283b-b3ef-4ecc-8312-d73733fad61e
a4p.adpartner.pro/ Name: apudmg
Value: 1
.espreso.tv/ Name: _ga
Value: GA1.2.1770581484.1686082234
.espreso.tv/ Name: _gid
Value: GA1.2.1498030082.1686082234
.espreso.tv/ Name: _gat_gtag_UA_45979688_1
Value: 1
.espreso.tv/ Name: _dc_gtm_UA-45979688-2
Value: 1
.espreso.tv/ Name: __gfp_64b
Value: 98LLrp8YF067Bf2y3BN8tiwIW0IpE_LGsychkE06vBn.p7|1686082233
.espreso.tv/ Name: _fbp
Value: fb.1.1686082234142.30230584
espreso.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.espreso.tv/ Name: _pubcid
Value: 346414a9-7de8-494c-809c-cb4dfe6c6e15
.espreso.tv/ Name: __gads
Value: ID=bf8e1d43e371e35b-227f864607de0059:T=1686082234:RT=1686082234:S=ALNI_MZN3x4_x2v5oO1G3Yy_YYT9wk2ihw
.espreso.tv/ Name: __gpi
Value: UID=00000c4441254dd9:T=1686082234:RT=1686082234:S=ALNI_MaA8JH3XXY0GTD9hJqQ6bwDbgNgtg
.hit.gemius.pl/ Name: Gtest
Value: KlS_7MGGQMGGCD78KKGDp82UssGMXP8c25nSGmM9mnKBXBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlQb9MaGQMGGCD78KKGDp82UssGMXP8c25nSGmM9mnKBFRxSG7RrGS6GtsEtFlM1YH8PlexaG0F6Sssa
.criteo.com/ Name: uid
Value: 9c0156b9-bbe6-4e6d-88c4-763faad4f827
.espreso.tv/ Name: cto_bundle
Value: PumfY19nOXR3enpJTmZRcWIwallCY0JrZnppb1J5dm5rbTJFSzc2YkxIaFpzYXZXJTJGSDZNWU9JTVByakJqVXZFZkJrUkloR1lqQW1NRWFDYUpjTXZYQUdXJTJGODZienAwNW5PV3hzZkNMYU1ueHlyVks3T0p1NDVNRjgyb0p6a3pCNjBsJTJGYXlqZE1KMkVCVjNCRG9wY3A1NUU0MVElM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUk5AavtXyAvScxmlPLbtjvZ5hJLmKY-3PflUwE56C416Y_ySzyedrC2NL0fG_w
.adnxs.com/ Name: uuid2
Value: 1009695732186337810
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 80DBE142-6E85-4538-B64B-A0710A374314
.adform.net/ Name: uid
Value: 2209276847529225663
.360yield.com/ Name: tuuid
Value: 1f350231-599f-4371-9bc7-37810a823255
.360yield.com/ Name: tuuid_lu
Value: 1686082235
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81e4d180-bab4-47bc-a10c-bc8f8e4fbaba-005%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81e4d180-bab4-47bc-a10c-bc8f8e4fbaba-005%22%7D

8 Console Messages

Source Level URL
Text
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/css/fonts/Mariupol-Regular.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/css/fonts/Mariupol-Bold.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/css/client/app.css?v=2.4 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/css/fonts/GothamPro.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/css/fonts/Mariupol-Medium.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/svg/logo-desktop.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/img/mobile-logo.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://espreso.tv/streamonline
Message:
The resource https://espreso.tv/js/client/build.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

935a67591ff4390a0c6a6df7ee079375.safeframe.googlesyndication.com
a4p.adpartner.pro
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
dclk-match.dotomi.com
encrypted-tbn1.gstatic.com
espreso.tv
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
image6.pubmatic.com
ls.hit.gemius.pl
match.360yield.com
media.espreso.tv
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.adtcdn.com
player.adtelligent.com
region1.analytics.google.com
rtb.openx.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
static.espreso.tv
static.mailerlite.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
espreso.tv
137.74.6.209
142.250.185.194
146.59.30.96
178.250.1.11
185.64.190.78
199.127.204.142
2001:4860:4802:32::36
2606:4700::6812:b94
2606:4700::6812:d45
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
2a0c:5c81:5142::2
35.173.145.243
35.227.252.103
37.157.6.243
37.252.171.52
45.133.44.3
51.83.200.186
89.184.66.93
89.184.82.24
019a32d6afac3ff802afbaed91fd5f2f9f740d519f87d3e30fab3781bea96d02
02a81b8695233066f5c1baefa1931d35550ed8122634895de47631ddb97eb0e5
06dd49fd2d364adac0f15158742fcbc95c0792143106cde76815e5df47f1c244
06e6a17abebe37dac4aeaf99e96e8ecd9b89abbc0c68f9a775593cfc2d3502f3
08484b55b28b2cc3caacad297c0a17410b27f36efcb58b2075ebf2a82ae55068
08b54658c816f1537466a8e674f3710ca6ea559af8af1a3d3e5b1de7579e96e0
09c856c342f755b7ec8237882ba61e1eb5f5f1974e30ea390b49c8499ae0b0e3
0a5c77b3fcba48f513af145ea004511ec1c0e300daffc984a11363921cbd238d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0d461c9905c05d0c17319e48e0c00ceed6645da61cad2363e8d93c6a5dfda8b4
0e708de4d6b3b4b1691ab56aa50194b59ab53d25c28d3f6ecc6fb741f64a3637
0e8102494840aee8c1a89b2c41af73d051d9de485722c58a6c83701feed69970
105b7e4b39bec5a178cff93e752571ef5c60f37a9c4a6b3245afaaa480e9bddf
1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
23c26adfb829857eaa2e7fd2990ba66a4d84db9b82cfe8f54e8bcb619ad4fc2d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c189c713159314557cae8d298d85db5b5898a62b55cb5641856d2f67bc99c93
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
348fa7fa68c167dd972c12bdace54cdb173584508f194a9bd9bdd31ce07b44e1
35e5db2f791667f7a628215a93f8beba684271212019170432908c5c6ea1e575
3683a544733802247edc7b407053f2212a2c53201868b1ca7275988f163b13e0
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
39d71dbd3d63f1c4c5256a25c8fc39248e4a6982103c086da515a5f14ce5b741
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40266b53cbdb75d09f7c33557ee9c8d8c52e331fcb6700aaf10333b45c4f0378
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
457af3e64c0c9f521adab81c34598c7a111d1e02ca698f4ff88e1b0c58d8f6af
4681c6b5ce2f7549eec273f6e0c1aa7b6d50b4d5f5fecab2790b29bf2cb1976c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a0b3fc826340dc04107752f1e04751f6d31b9f163170d748f58726b8c85429b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5245ad8b1176ac7508e97114a4460a7b64e98aea8b02ff4bd50c58f082b6ef
4fcdaf10bc628560c3fd06913fc8cb5f05f655300ba8315a7d4ef42906305786
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
556b0db9d5b98828f8c1aefe61b57ae48b20ebe9435a9d38b9bef152b549c473
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560530fbce61e7b8acfaa5cdd96f78ad9009e143b37e79580c962510f30cd78e
56c8d5fd753be920879aeed7a707a7cf38e520779c0a13f3f228666b6541b777
5725950dfca860da5fde6d0cb442f094d47664536c7d60af28c4f336a0d1065e
5b693233dbdc13d7e593fcc0cc2e2b3666734bd7ac755fc524d87a89583006b3
5b79e0d5c31556f29a4294ba44d827c04d9ae59062c6e7e7c622d546c063003a
5c54f352ea99892fd8a91d5936bca218ac440055077a6730074e66c1954b81c5
60b571b38d95ef9200c2631805b5eb12260d4f3c161d0e10cf2373c9112a964e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eeb0302088373740e373417021bfef52f8fcc822613c0da98d16a1c4f01e24
64b7f1eb1a4ade7faab29638b49afc9701d1fa3c37841dfaa58bf0af28b421dc
68af52b37053d7a12a8776f8b8734fd8494f5d2650e957d464bbd0117abbb782
693bfc170cf834207105a006cc75648cfe8bbd4ba652f0a7d4c1500a8ae659ae
708e75d73d3a5ecab9ee2d1860a88fb2eaac217bf21716dcc991f4c8517294e5
749d0a767c884d4ec8fec2e388ebe7d75be8b1cad21dd811933d3ca8b5f6f047
7817d93712c03a57e19baf167a34089bacaaf201e426707f137661d24bb3c790
78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
810c43ace2a4da7679bcdf875af0147a1ab828951bbe48fc6613e24e40001b08
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8856454ffb4dcda2cc2f095556be7c9f3cb4ca669254723f2e74fab89e933016
8ca2dd1592279da753203bd58f3d5433d4acd4be224e76df042e9a0d43034316
8d2bfadc9b38d9a02ad0213d5675fe98329ac27b507530d16bc3ff19c197fce6
90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8
94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280
98aaf09c878a86de01ecd735bd6c35be3511b11f35687aea20c32169817254a1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e9acfa47b8cc1cb4bd19f95c22cf2ec0d499d0f872b80aad7633372d11d2d11
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8e6e3bae7ae349523b4fdbfc22654ca1db55fa81e928650dd0d8be49fc5d04d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ade3492d175b9d52b78af3ec7abd2abc2d73227a13d507cf87272b29093d93d7
ae68d0301b989714b3c0ab9ad5c9d216642c77a49b101b5652aa50b1e0c198bc
af00d9da7303b6d985638c20c93f09b3be27a7d3d85335ca7dc8e051d1877f32
b02a57572acf7916be727f897ef9994f517a9b4313b05808877f02af6ea94d4d
b099204753a813b688a41d8ace3903b9ae81a9b24a71e1d912d3abf44359d9e9
b4b9db7142823621e50613babd5867d318bbea7701f15f76dab6d1a27a353abc
bc6d4a7f8af2294f37abc61a41f3f2258ba0fe7c9a5f3b0946ff4bcd146e0d4e
bdcac1e10788d93b26eed12185d13b3c2d6db8d45b30c0d0f351768096f361b4
bf0dd2c6497c3664840483b78bf81fb7ab83294d26b0c1f7c8ab0acaa4c131ee
c2f272efd5979631ea1b8c38e9b4157f6710b70d7a4ecb869201d89b2b99072a
c332dc32b71b15a5ca6dd172672a89f322415cad2542647456f9d72da5bb57d9
c44416823250e3eae2a3430ab020547f9d592cc719430f69134217f0e766d0e5
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c57309e35b543a2b22cc7ff3b37dd9154ddb0f5a115a1da34d29ca733c4583e8
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c993cc241101ba42c8f532ac58363b159d4d6123935249b21f6565cf45ec3d38
c9a2240830cf779802536aec45319fb95f3eb30cd09b893f34777cafab739570
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd9b1428153e3f19d0941979051234530e6ad72b9037272175769f8a1d942f0c
cec2770f0a488a198c81a69ddb7ea41d43e9345c03673f6475fd8bcd3a0e1830
d32b94d1af8db20fbbffda740827746cca729dee3ff55b82bae6c124e232df57
d4f9e3bf5329c277674a387af703da3ee8b93ab69f48b357cae8d80b70a472b2
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
dcc19dcb9321779626e6ba46e3442f880a20567aae479131c7903cabfad59679
dd8f00f4acd51491224dca8d88913e42c66fc72d50b54d7dd69f2c31d1ad1cf0
dd9eb8e4ecd8363c9d7c919f35b9f9f4705f488879b6fc60a11bd59fb68bc4a1
dde7015f09108415a0b0ebb440a2b82086c5cf09cbc4472c9756106e8a355548
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c
e20015e5c89df20fde3f6041e3fc15099a532f8a01e9f3d5b284775005937d90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bcf3fa177b83729e75d33eb2424d860e06457a16e60cba9fc6654cd9834f0a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eec43f4e547503dd4405a17d90c1efa320af4ee111207d409d04fda8870d4188
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10371d5f6070a9d7d7d3b1f8c6b3e8b6f15f7c09036a7b8bf5d43d0793342bf
f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27
f51a69d005a497b7352ae355c562c02465f50f7db4c1bff93390a017b7fef456
f73bbc9c7d785f3be4218a9119a699905d2780be9a65a264a7558705ead5c05f